CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
5.1%
Smc.exe in My Firewall Plus 5.0 build 1117, and possibly other versions, does not drop privileges before launching the Log Viewer export functionality, which allows local users to corrupt arbitrary files by saving log files.
Vendor | Product | Version | CPE |
---|---|---|---|
webroot_software | my_firewall_plus | 5.0 | cpe:2.3:a:webroot_software:my_firewall_plus:5.0:*:*:*:*:*:*:* |