CVE-2021-4480

HIGH 8.2

Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

CVSS Score

8.2

EPSS Score

0.0%

EPSS Percentile

3th

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execute code with NT SYSTEM privileges.

CWE	CWE-732
Vendor	dräger
Product	protector software
Published	Jun 2, 2026
Last Updated	Jun 3, 2026

Stay Ahead of the Next One

Get instant alerts for dräger protector software

Be the first to know when new high vulnerabilities affecting dräger protector software are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Changed

Confidentiality

None

Integrity

High

Availability

High

Affected Versions

Dräger / Protector Software

0 < 6.4.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

static.draeger.com: https://static.draeger.com/security/download/2021-267-01-Draeger-Protector-Software-vulnerabilities.pdf vulncheck.com: https://www.vulncheck.com/advisories/dr-ger-protector-software-local-privilege-escalation-via-insecure-file-permissions

Credits

Mario Ceballos