Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-1986 | 2 Microsoft, Paloaltonetworks | 2 Windows, Secdo | 2020-04-10 | 4.9 MEDIUM | 5.5 MEDIUM |
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk (C:\) to cause a system crash on every login. This issue affects all versions Secdo for Windows. | |||||
CVE-2020-1984 | 2 Microsoft, Paloaltonetworks | 2 Windows, Secdo | 2020-04-10 | 7.2 HIGH | 7.8 HIGH |
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with 'create folders or append data' access to the root of the OS disk (C:\) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows. | |||||
CVE-2020-1985 | 2 Microsoft, Paloaltonetworks | 2 Windows, Secdo | 2020-04-10 | 4.6 MEDIUM | 7.8 HIGH |
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows. |