Lucene search

TalosCVELIST:CVE-2020-13541

HistoryJan 05, 2021 - 3:44 p.m.

CVE-2020-13541

2021-01-0515:44:48

CWE-276

talos

www.cve.org

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other files within the installation folder that could lead to local privilege escalation.

CNA Affected

[
  {
    "product": "Win-911",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Win-911 Mobile Server V2.5"
      }
    ]
  }
]

References

talosintelligence.com/vulnerability_reports/TALOS-2020-1151

9.3 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

8.8 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2020-13541