Lucene search

K
prionPRIOn knowledge basePRION:CVE-2020-28407
HistoryNov 03, 2023 - 4:15 a.m.

Code injection

2023-11-0304:15:00
PRIOn knowledge base
www.prio-n.com
3
swtpm
code injection
vulnerability
local attackers
overwrite
arbitrary files
symlink attack
temporary file
tmp2-00.permall

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.

CPENameOperatorVersion
swtpmlt0.4.2
swtpmeq0.5.0

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%