CVE-2021-47756
Published: 16 January 2026
Summary
CVE-2021-47756 is a high-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in Laravel Valet (product inferred from references). Its CVSS base score is 8.4 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE is ranked at the 8.0th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced below.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and CM-5 (Access Restrictions for Change).
Deeper analysis
CVE-2021-47756 is a local privilege escalation vulnerability in Laravel Valet versions 1.1.4 through 2.0.3. The issue stems from incorrect permissions (CWE-732) on the symlinked valet command: an unprivileged local user can modify it, and because the command is run with root privileges, the edited command executes arbitrary code as root without any additional authentication. The vulnerability has a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
A local attacker needs only access to the system: no privileges, low attack complexity, and no user interaction are required. By abusing the misconfigured symlink, the attacker can alter the valet command so that malicious code runs with root rights the next time the command is invoked, with high impact on confidentiality, integrity, and availability, up to full system compromise.
Advisories and references detail the issue further, including the VulnCheck advisory on Laravel Valet local privilege escalation on macOS (https://www.vulncheck.com/advisories/laravel-valet-local-privilege-escalation-macos), Laravel documentation (https://laravel.com/docs/8.x/valet), and a proof-of-concept exploit on Exploit-DB (https://www.exploit-db.com/exploits/50591). Security practitioners should review these sources for recommended mitigations, such as restricting access or updating affected installations.
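The following audit helper is an added example and is not code from Laravel Valet, the advisory, or the Exploit-DB entry. It checks the defensive property the analysis above describes: a command that is invoked as root and reached through a symlink should resolve to a target that is owned by root and not writable by group or other, and the directory holding the symlink should meet the same bar so the link itself cannot be swapped. The install path /usr/local/bin/valet mentioned in the comments is an assumed placeholder, not taken from the advisory; the demo builds a throwaway symlink in a temporary directory instead. Both GNU stat (-c) and BSD/macOS stat (-f) are handled.

```shell
#!/bin/sh
# Added example (not Laravel Valet code): audit a root-invoked command that is
# reached through a symlink, such as the valet command described above.
# Usage: audit_privileged_cmd /path/to/symlink [expected_owner]
# Returns 0 if the resolved target and the symlink's directory are owned by
# expected_owner (default root) and not writable by group/other; 1 otherwise;
# 2 if the path does not exist.

audit_privileged_cmd() {
  link=$1
  want_owner=${2:-root}
  rc=0
  [ -e "$link" ] || { echo "missing: $link"; return 2; }

  # Check the resolved target and the directory holding the symlink: a
  # replaceable link is as dangerous as a writable target.
  for p in "$link" "$(dirname "$link")"; do
    # -L follows symlinks so the target's own bits are reported.
    mode=$(stat -L -c '%a' "$p" 2>/dev/null || stat -L -f '%Lp' "$p")
    owner=$(stat -L -c '%U' "$p" 2>/dev/null || stat -L -f '%Su' "$p")
    # The last two octal digits are the group and other permission bits;
    # any of 2, 3, 6 or 7 there means a write bit is set.
    go_bits=${mode#"${mode%??}"}
    case "$go_bits" in
      *[2367]*) echo "WEAK $p: mode $mode is writable by group/other"; rc=1 ;;
      *)        echo "ok   $p: mode $mode" ;;
    esac
    if [ "$owner" != "$want_owner" ]; then
      echo "WEAK $p: owned by $owner, expected $want_owner"; rc=1
    fi
  done
  return $rc
}

# Constructed demonstration: a world-writable target behind a symlink (the
# weak setting), then the same file after chmod 755 (the corrected setting).
# The temporary files stand in for a real install path such as
# /usr/local/bin/valet (assumed path, not taken from the advisory). The
# expected owner is the current user here only because the demo cannot chown
# to root; on a real system keep the default of root.
demo() {
  tmp=$(mktemp -d)
  printf '#!/bin/sh\necho valet\n' > "$tmp/valet-real"
  chmod 777 "$tmp/valet-real"
  ln -s "$tmp/valet-real" "$tmp/valet"
  echo "== weak setting";      audit_privileged_cmd "$tmp/valet" "$(id -un)" || true
  chmod 755 "$tmp/valet-real"
  echo "== corrected setting"; audit_privileged_cmd "$tmp/valet" "$(id -un)" || true
  rm -rf "$tmp"
}

case "${1:-}" in --demo) demo ;; esac
```

Run it with `sh audit.sh --demo` to see the weak and corrected settings side by side, or call `audit_privileged_cmd /usr/local/bin/valet` (substituting the real install path) from a hardening checklist; a non-zero exit status is the signal to fix ownership and mode on the resolved target before the command is ever run under sudo again.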
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-3040
Vulnerability details
Laravel Valet versions 1.1.4 to 2.0.3 contain a local privilege escalation vulnerability that allows users to modify the valet command with root privileges. Attackers can edit the symlinked valet command to execute arbitrary code with root permissions without additional authentication.
- CWE(s): CWE-732 Incorrect Permission Assignment for Critical Resource
MITRE ATT&CK Enterprise Techniques
- T1068 Exploitation for Privilege Escalation
Why these techniques?
Local privilege escalation via incorrect file permissions on a privileged command symlink, directly enabling arbitrary code execution as root.
Mitigating Controls (NIST 800-53 r5)
- Establishes and enforces restrictive configuration settings for file permissions on symlinked commands such as valet, directly preventing local users from modifying them through the CWE-732 misconfiguration.
- AC-6 (Least Privilege): limits invocation of root-privileged commands such as valet to authorized contexts only, mitigating the local privilege escalation risk.
- CM-5 (Access Restrictions for Change): restricts and authorizes access to change critical system components such as symlinks, preventing the unauthorized modifications that enable arbitrary root code execution.