Lucene search
K

28 matches found

CVE
CVE
added 2020/04/08 6:41 p.m.54 views

CVE-2020-1986

CVE-2020-1986 concerns an improper input validation vulnerability in Secdo for Windows . An authenticated local user with the ability to create folders or append data can access the root of the OS disk (C:) and cause a system crash on every login. The issue affects all versions of Secdo for Windo...

5.5CVSS5.4AI score0.00261EPSS
Exploits0References1Affected Software1
Palo Alto Networks
Palo Alto Networks
added 2020/04/08 4:0 p.m.36 views

Secdo: Privilege escalation via hardcoded script path

Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk C:\ to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo...

7.8CVSS4.1AI score0.00311EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/04/08 4:0 p.m.37 views

Secdo: Incorrect Default Permissions

Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows. Work around: Change permission on C:\Programdata\Secdo\Logs to not allow...

7.8CVSS4.7AI score0.00254EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2020/04/08 4:0 p.m.37 views

Secdo: Local authenticated users can cause Windows system crash

Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk C:\ to cause a system crash on every login. This issue affects all versions Secdo for Windows. Work around: Exploitation of this issue can be...

5.5CVSS4AI score0.00261EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2020/04/08 12:0 a.m.21 views

CVE-2020-1984

Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with ‘create folders or append data’ access to the root of the OS disk C: to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo f...

7.8CVSS1.8AI score0.00311EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2020/04/08 12:0 a.m.16 views

CVE-2020-1986

Improper input validation vulnerability in Secdo allows an authenticated local user with ‘create folders or append data’ access to the root of the OS disk C: to cause a system crash on every login. This issue affects all versions Secdo for Windows. Recent assessments: xFreed0m at April 10, 2020...

5.5CVSS1.5AI score0.00261EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2020/04/08 12:0 a.m.22 views

CVE-2020-1985

Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows. Recent assessments: xFreed0m at April 10, 2020 3:06pm UTC reported: CVE-2020-1985...

7.8CVSS1.8AI score0.00254EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2017/05/19 1:52 a.m.898 views

More Hacking Groups Found Exploiting SMB Flaw Weeks Before WannaCry

Since the Shadow Brokers released the zero-day software vulnerabilities and hacking tools – allegedly belonged to the NSA's elite hacking team Equation Group – several hacking groups and individual hackers have started using them in their own way. The April's data dump was believed to be the most...

9.3CVSS8.4AI score0.93307EPSS
Exploits47
Rows per page
Query Builder