Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:35 a.m.9 views

CVE-2020-10143

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriat...

7.8CVSS7.5AI score0.00592EPSS
Exploits0References1
NVD
NVD
added 2020/12/09 11:15 p.m.15 views

CVE-2020-10143

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate...

7.8CVSS7.8AI score0.00592EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/09 10:35 p.m.20 views

CVE-2020-10143

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate...

7.8CVSS7.8AI score0.00592EPSS
Exploits0References1
CVE
CVE
added 2020/12/09 10:35 p.m.52 views

CVE-2020-10143

CVE-2020-10143 affects Macrium Reflect via an OpenSSL OPENSSLDIR of C:\openssl\ and a privileged service that loads OpenSSL. An unprivileged Windows user can create a crafted openssl.cnf path to achieve arbitrary code execution with SYSTEM privileges. Remediation available: upgrade to Macrium Ref...

7.8CVSS7.7AI score0.00592EPSS
Exploits0References1Affected Software1
CERT
CERT
added 2020/10/26 12:0 a.m.32 views

Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location

Overview Macrium Reflect contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user can create files. Description CVE-2020-10143 Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR...

7.8CVSS8.1AI score0.00592EPSS
Exploits0References1
Rows per page
Query Builder