CVE-2020-3427

Опубликовано: 14 окт. 2020

Источник: nvd

CVSS3: 6.6

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Windows Logon, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. Note that this can only exploitable during new installations while the installer is running and is not exploitable once installation is finished. Versions 4.1.2 of Windows Logon addresses this issue.

Ссылки

https://duo.com/docs/rdp-notes
Release Notes
Vendor Advisory
https://duo.com/docs/rdp-notes
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:duo_authentication_for_windows_logon_and_rdp:*:*:*:*:*:*:*:*

Версия до 4.1.2 (исключая)

EPSS

Процентиль: 8%

0.00028

Низкий

6.6 Medium

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-280

NVD-CWE-noinfo

Связанные уязвимости

GHSA-437m-6wfg-j372

CVSS3: 7.8

github

больше 3 лет назад

A privilege escalation vulnerability exists in the Duo Authentication for Windows Logon and RDP implementation. This vulnerability could allow an authenticated local attacker to overwrite files in privileged directories.

EPSS

Процентиль: 8%

0.00028

Низкий

6.6 Medium

CVSS3

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-280

NVD-CWE-noinfo