28 matches found
CVE-2020-1986
CVE-2020-1986 concerns an improper input validation vulnerability in Secdo for Windows . An authenticated local user with the ability to create folders or append data can access the root of the OS disk (C:) and cause a system crash on every login. The issue affects all versions of Secdo for Windo...
Secdo: Privilege escalation via hardcoded script path
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk C:\ to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo...
Secdo: Incorrect Default Permissions
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows. Work around: Change permission on C:\Programdata\Secdo\Logs to not allow...
Secdo: Local authenticated users can cause Windows system crash
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk C:\ to cause a system crash on every login. This issue affects all versions Secdo for Windows. Work around: Exploitation of this issue can be...
CVE-2020-1984
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with ‘create folders or append data’ access to the root of the OS disk C: to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo f...
CVE-2020-1986
Improper input validation vulnerability in Secdo allows an authenticated local user with ‘create folders or append data’ access to the root of the OS disk C: to cause a system crash on every login. This issue affects all versions Secdo for Windows. Recent assessments: xFreed0m at April 10, 2020...
CVE-2020-1985
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows. Recent assessments: xFreed0m at April 10, 2020 3:06pm UTC reported: CVE-2020-1985...
More Hacking Groups Found Exploiting SMB Flaw Weeks Before WannaCry
Since the Shadow Brokers released the zero-day software vulnerabilities and hacking tools – allegedly belonged to the NSA's elite hacking team Equation Group – several hacking groups and individual hackers have started using them in their own way. The April's data dump was believed to be the most...