CVE-2021-47974
Published: 16 May 2026
Summary
CVE-2021-47974 is a high-severity Unquoted Search Path or Element (CWE-428) vulnerability in Vxsearch (inferred from references). Its CVSS base score is 8.5 (High).
Operationally, ranked at the 2.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-34831
Vulnerability details
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to…
more
execute arbitrary code with LocalSystem privileges when services restart.
- CWE(s)
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.