CVE-2020-36162
Veritas CloudPoint (Windows) prior to 8.3.0.1+hotfix is affected. The CloudPoint Windows Agent loads OpenSSL, which attempts to read a non-existent \usr\local\ssl\openssl.cnf. An attacker with low privileges on Windows can create a drive:\usr\local\ssl\openssl.cnf to load a malicious OpenSSL engi...