CVE-2020-14418

2021-01-3005:26:59

mitre

www.cve.org

toctou

madcodehook

privilege escalation

directory junctions

AI Score

6.6

Confidence

High

EPSS

Percentile

5.1%

JSON

A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions.

References

github.com/nettitude/metasploit-modules

labs.nettitude.com/blog/cve-2020-14418-madcodehook-library-local-privilege-escalation/