CVE-2020-23967

2021-03-0814:34:09

mitre

www.cve.org

dr.web security space

elevation of privilege

autoupdate vulnerability

nt authority\system

AI Score

7.7

Confidence

High

EPSS

Percentile

9.8%

JSON

Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate.

References

amonitoring.ru/article/drweb/

habr.com/ru/company/pm/blog/509592/

www.youtube.com/watch?v=q7Kqi7kE59U