CVE-2020-23834

Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.
References
Link Resource
https://www.exploit-db.com/exploits/48789 Exploit Third Party Advisory VDB Entry
https://github.com/boku7/BarracudaDrivev6.5-LocalPrivEsc Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:realtimelogic:barracudadrive:6.5:*:*:*:*:*:*:*

Information

Published : 2020-09-03 21:15

Updated : 2020-09-16 08:34


NVD link : CVE-2020-23834

Mitre link : CVE-2020-23834


JSON object : View

CWE
CWE-732

Incorrect Permission Assignment for Critical Resource

Advertisement

dedicated server usa

Products Affected

realtimelogic

  • barracudadrive