28 matches found
EUVD-2020-12776
Malware in sbrugna...
EUVD-2020-12775
Malware in sbrugna...
EUVD-2020-12774
Malware in sbrugna...
The vulnerability of the Secdo security incident investigation software arises from insufficient validation of input data. This allows attackers to create directories or store data in the root directory of the operating system, thereby gaining system privileges when the path is unavailable for writing or does not yet exist.
The vulnerability of the Secdo security incident investigation software exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to create directories or add data to the root directory of the operating system, thereby gaining system privileges when the...
The vulnerability of the Secdo security incident investigation software lies in the insufficient validation of input data, allowing an intruder to add data to the root directory.
The vulnerability of the Secdo security incident investigation software exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to add data to the root catalog...
The vulnerability of the Secdo security incident investigation software arises from incorrect default access settings, which allow attackers to elevate their privileges and re-write system files.
The vulnerability of the Secdo security incident investigation software is related to incorrect default access settings for the folder C:\Programdata\Secdo\Logs. Exploiting this vulnerability allows an attacker to increase their privileges and overwrite system files...
Palo Alto Networks Secdo Input Validation Error Vulnerability
Palo Alto Networks Secdo is a security incident response solution from Palo Alto Networks, USA. An input validation error vulnerability exists in Palo Alto Networks Secdo. The vulnerability originates from a network system or product that does not properly validate incoming data. An attacker coul...
Palo Alto Networks Secdo Input Validation Error Vulnerability (CNVD-2020-26235)
Palo Alto Networks Secdo is a security incident response solution from Palo Alto Networks, USA. Palo Alto Networks Secdo suffers from an input validation error vulnerability that stems from Secdo executing scripts on hard-coded paths. An attacker can exploit this vulnerability to gain system...
Unspecified Vulnerability in Palo Alto Networks Secdo
Palo Alto Networks Secdo is a security incident response solution from Palo Alto Networks, USA. An unspecified vulnerability exists in Palo Alto Networks Secdo, which arises from the program setting incorrect default permissions for folders. An attacker could exploit the vulnerability to elevate...
CVE-2020-1984
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk C:\ to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo...
CVE-2020-1985
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows...
CVE-2020-1986
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk C:\ to cause a system crash on every login. This issue affects all versions Secdo for Windows...
Default credentials
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows...
Input validation
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk C:\ to cause a system crash on every login. This issue affects all versions Secdo for Windows...
Hardcoded credentials
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk C:\ to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo...
CVE-2020-1985
CVE-2020-1985 refers to Secdo for Windows with an incorrect default permission on the folder C:\Programdata\Secdo\Logs. Local authenticated users could overwrite system files and escalate privileges due to overly permissive permissions. The connected Palo Alto advisory offers a workaround: modify...
CVE-2020-1986 Secdo: Local authenticated users can cause Windows system crash
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk C:\ to cause a system crash on every login. This issue affects all versions Secdo for Windows...
CVE-2020-1986
CVE-2020-1986 concerns an improper input validation vulnerability in Secdo for Windows . An authenticated local user with the ability to create folders or append data can access the root of the OS disk (C:) and cause a system crash on every login. The issue affects all versions of Secdo for Windo...
CVE-2020-1985 Secdo: Incorrect Default Permissions
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows...
CVE-2020-1984 Secdo: Privilege escalation via hardcoded script path
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk C:\ to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo...