Q4. Refer to the CVE and NVD search results of CVE-2021-20616 as in the following figure.

Q4. a) List 3 important information about CVE-2021-20616 that you can extract from the diagram above?

Q4. b) What type of malware is affecting the victim’s computer?

Q4. c) What does the malware do in this attack?

Transcribed Image Text:

Vulnerability Details : CVE-2021-20616 Untrusted search path vulnerability in the installer of SKYSEA Client View Ver.1.020.05b to Ver. 16.001.01g allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Publish Date: 2021-01-13 Last Update Date: 2022-05-03 Scroll To ▾ Comments External Links Collapse All Expand All Select Select&Copy Search Twitter Search YouTube Search Google - CVSS Scores & Vulnerability Types CVSS Score 4.4 Partial (There is considerable informational disclosure.) Confidentiality Impact Integrity Impact Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.) Availability Impact Partial (There is reduced performance or interruptions in resource availability.) Access Complexity Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit) Not required (Authentication is not required to exploit the vulnerability.) Authentication None Gained Access Vulnerability Type(s) CWE ID Gain privileges 427 - Products Affected By CVE-2021-20616 # Product Type Vendor Product Version Update Edition Language 1 Application Skygroup Skysea Client View * Version Details Vulnerabilities - Number Of Affected Versions By Product