An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via “WIN-911 Mobile Runtime” service. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the privileges when executed.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1150 | Exploit Technical Description Third Party Advisory |
https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1150 | Exploit Technical Description Third Party Advisory |
Configurations
Information
Published : 2021-01-05 08:15
Updated : 2022-10-06 17:55
NVD link : CVE-2020-13539
Mitre link : CVE-2020-13539
JSON object : View
CWE
CWE-276
Incorrect Default Permissions
Products Affected
win911
- win-911