This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as a duplicate.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Sandboxie
  • Sandboxie
Sandboxie-plus
  • Sandboxie

No data.

No data.

References

No reference.

History

Wed, 21 Jan 2026 17:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-428
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X'}

Wed, 21 Jan 2026 17:15:00 +0000

Type Values Removed Values Added
Title Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 21 Jan 2026 17:00:00 +0000

Type Values Removed Values Added
Description Sandboxie Plus 0.7.4 contains an unquoted service path vulnerability in the SbieSvc service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions. This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as a duplicate.
Metrics cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

 cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X'}

Mon, 19 Jan 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Sandboxie
Sandboxie sandboxie
Sandboxie-plus
Sandboxie-plus sandboxie
Vendors & Products Sandboxie
Sandboxie sandboxie
Sandboxie-plus
Sandboxie-plus sandboxie

Fri, 16 Jan 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 16 Jan 2026 19:15:00 +0000

Type Values Removed Values Added
Description Sandboxie Plus 0.7.4 contains an unquoted service path vulnerability in the SbieSvc service that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSystem permissions.
Title Sandboxie Plus 0.7.4 - 'SbieSvc' Unquoted Service Path
Weaknesses CWE-428
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}
cve-icon MITRE

Status: REJECTED

Assigner: VulnCheck

Published: 2026-01-16T19:09:34.019Z

Updated: 2026-01-21T16:41:46.259Z

Reserved: 2026-01-14T17:11:19.900Z

Link: CVE-2021-47832

cve-icon Vulnrichment

Updated:

cve-icon NVD

Status : Rejected

Published: 2026-01-16T19:16:08.403

Modified: 2026-01-21T17:16:03.597

Link: CVE-2021-47832

cve-icon Redhat

No data.