3 matches found
CVE-2020-13533
A privilege escalation vulnerability exists in Dream Report 5 R20-2. IIn the default configuration, the following registry keys, which reference binaries with weak permissions, can be abused by attackers to effectively ‘backdoor’ the installation files and escalate privileges when a new user logs...
CVE-2020-13533
Dream Report 5 R20-2 is affected by a privilege escalation vulnerability linked to default weak permissions in the install directory and specific Run keys. The default C:\ODS permissions allow broad access, enabling an attacker to abuse Run keys ods_rtm_launch and ods_usc (mapping to RTM.exe and ...
Dream Report platform privilege escalation vulnerability
Summary Multiple privilege escalation vulnerabilities exist in Dream Report 5 R20-2. A specially crafted executable can cause elevated capabilities. An attacker can provide a malicious file to trigger this vulnerability. Tested Versions Dream Report 5 R20-2 Product URLs https://dreamreport.net/...