Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-25502

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-20 Jan, 2023 | 00:00
Updated At-03 Apr, 2025 | 17:47
Rejected At-
Credits

Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:20 Jan, 2023 | 00:00
Updated At:03 Apr, 2025 | 17:47
Rejected At:
▼CVE Numbering Authority (CNA)

Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://endpoint.com
N/A
http://cybereason.com
N/A
https://www.cybereason.com/cybereason-vulnerability-disclosure
N/A
Hyperlink: http://endpoint.com
Resource: N/A
Hyperlink: http://cybereason.com
Resource: N/A
Hyperlink: https://www.cybereason.com/cybereason-vulnerability-disclosure
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://endpoint.com
x_transferred
http://cybereason.com
x_transferred
https://www.cybereason.com/cybereason-vulnerability-disclosure
x_transferred
Hyperlink: http://endpoint.com
Resource:
x_transferred
Hyperlink: http://cybereason.com
Resource:
x_transferred
Hyperlink: https://www.cybereason.com/cybereason-vulnerability-disclosure
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-427CWE-427 Uncontrolled Search Path Element
Type: CWE
CWE ID: CWE-427
Description: CWE-427 Uncontrolled Search Path Element
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:20 Jan, 2023 | 21:15
Updated At:03 Apr, 2025 | 18:15

Cybereason EDR version 19.1.282 and above, 19.2.182 and above, 20.1.343 and above, and 20.2.X and above has a DLL hijacking vulnerability, which could allow a local attacker to execute code with elevated privileges.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
cybereason
cybereason
>>endpoint_detection_and_response>>Versions before 19.1.282(exclusive)
cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*
cybereason
cybereason
>>endpoint_detection_and_response>>Versions from 19.2.0(inclusive) to 19.2.182(exclusive)
cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*
cybereason
cybereason
>>endpoint_detection_and_response>>Versions from 20.1.0(inclusive) to 20.1.343(exclusive)
cpe:2.3:a:cybereason:endpoint_detection_and_response:*:*:*:*:*:*:*:*
cybereason
cybereason
>>endpoint_detection_and_response>>20.2.0
cpe:2.3:a:cybereason:endpoint_detection_and_response:20.2.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-427Primarynvd@nist.gov
CWE-427Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-427
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-427
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://cybereason.comcve@mitre.org
Vendor Advisory
http://endpoint.comcve@mitre.org
Not Applicable
https://www.cybereason.com/cybereason-vulnerability-disclosurecve@mitre.org
Vendor Advisory
http://cybereason.comaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://endpoint.comaf854a3a-2127-422b-91ae-364da2661108
Not Applicable
https://www.cybereason.com/cybereason-vulnerability-disclosureaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://cybereason.com
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://endpoint.com
Source: cve@mitre.org
Resource:
Not Applicable
Hyperlink: https://www.cybereason.com/cybereason-vulnerability-disclosure
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://cybereason.com
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://endpoint.com
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Not Applicable
Hyperlink: https://www.cybereason.com/cybereason-vulnerability-disclosure
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

264Records found
CVE-2022-27180
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.05% / 16.07%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in the Intel(R) MacCPUID software before version 3.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-maccpuidIntel(R) MacCPUID software
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-9852
Matching Score-4
Assigner-Mitsubishi Electric Corporation
ShareView Details
Matching Score-4
Assigner-Mitsubishi Electric Corporation
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.94%
||
7 Day CHG~0.00%
Published-28 Nov, 2024 | 22:20
Updated-09 Jan, 2026 | 08:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Malicious Code Execution Vulnerability in GENESIS64, ICONICS Suite, MC Works64, and GENESIS32

Uncontrolled Search Path Element vulnerability in Mitsubishi Electric GENESIS64 all versions, Mitsubishi Electric Iconics Digital Solutions GENESIS64 all versions, Mitsubishi Electric ICONICS Suite all versions, Mitsubishi Electric Iconics Digital Solutions ICONICS Suite all versions, Mitsubishi Electric MC Works64 all versions, Mitsubishi Electric GENESIS32 all versions, and Mitsubishi Electric Iconics Digital Solutions GENESIS32 all versions allows a local authenticated attacker to execute a malicious code by storing a specially crafted DLL in a specific folder. This could lead to disclose, tamper with, destroy, or delete information in the affected products, or cause a denial of service (DoS) condition on the products.

Action-Not Available
Vendor-Mitsubishi Electric Iconics Digital SolutionsiconicsMitsubishi Electric Corporation
Product-GENESIS64MC Works64GENESIS32ICONICS Suitegenesis64mc_works64
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24425
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.80%
||
7 Day CHG~0.00%
Published-21 Oct, 2020 | 20:07
Updated-16 Sep, 2024 | 23:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation vulnerability in Dreamweaver version 20.2

Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user with permissions to write to the file system running system commands with administrator privileges.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-windowsmacosdreamweaverDreamweaver
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-24356
Matching Score-4
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-4
Assigner-Cloudflare, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.03% / 9.41%
||
7 Day CHG~0.00%
Published-02 Oct, 2020 | 14:16
Updated-17 Sep, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation in cloudflared

`cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, `cloudflared` searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes this issue.

Action-Not Available
Vendor-Cloudflare, Inc.
Product-cloudflaredcloudflared
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2020-2049
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.76%
||
7 Day CHG~0.00%
Published-09 Dec, 2020 | 18:00
Updated-17 Sep, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cortex XDR Agent: Improper control of loaded DLL leads to local privilege escalation

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges. This requires the user to have the privilege to create files in the Windows root directory. This issue impacts: All versions of Cortex XDR Agent 7.1 with content update 149 and earlier versions; All versions of Cortex XDR Agent 7.2 with content update 149 and earlier versions.

Action-Not Available
Vendor-Palo Alto Networks, Inc.Microsoft Corporation
Product-cortex_xdr_agentwindowsCortex XDR Agent
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-7325
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.5||HIGH
EPSS-0.06% / 18.98%
||
7 Day CHG~0.00%
Published-31 Jul, 2024 | 19:31
Updated-11 Sep, 2024 | 15:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Driver Booster BPL VCL120.BPL uncontrolled search path

A vulnerability was found in IObit Driver Booster 11.0.0.0. It has been rated as critical. Affected by this issue is some unknown functionality in the library VCL120.BPL of the component BPL Handler. The manipulation leads to uncontrolled search path. Attacking locally is a requirement. The identifier of this vulnerability is VDB-273248. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-iobitIObitiobit
Product-driver_boosterDriver Boosterdriver_booster
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-48990
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-19.80% / 95.32%
||
7 Day CHG~0.00%
Published-19 Nov, 2024 | 17:38
Updated-03 Nov, 2025 | 23:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.

Action-Not Available
Vendor-needrestart_projectneedrestartneedrestart_project
Product-needrestartneedrestartneedrestart
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2021-38420
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.57%
||
7 Day CHG~0.00%
Published-03 Nov, 2021 | 19:05
Updated-16 Sep, 2024 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Delta Electronics DIALink

Delta Electronics DIALink versions 1.2.4.0 and prior default permissions give extensive permissions to low-privileged user accounts, which may allow an attacker to modify the installation directory and upload malicious files.

Action-Not Available
Vendor-Delta Electronics, Inc.
Product-dialinkDIALink
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-36216
Matching Score-4
Assigner-LY Corporation
ShareView Details
Matching Score-4
Assigner-LY Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.52%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 17:50
Updated-04 Aug, 2024 | 00:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

LINE for Windows 6.2.1.2289 and before allows arbitrary code execution via malicious DLL injection.

Action-Not Available
Vendor-linecorpLINE Corporation
Product-lineLINE for Windows
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-7061
Matching Score-4
Assigner-Okta
ShareView Details
Matching Score-4
Assigner-Okta
CVSS Score-5.5||MEDIUM
EPSS-0.13% / 32.79%
||
7 Day CHG~0.00%
Published-07 Aug, 2024 | 16:35
Updated-28 Aug, 2024 | 18:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Okta Verify for Windows is vulnerable to privilege escalation through DLL hijacking. The vulnerability is fixed in Okta Verify for Windows version 5.0.2. To remediate this vulnerability, upgrade to 5.0.2 or greater.

Action-Not Available
Vendor-oktaOkta
Product-verifyOkta Verify for Windows
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-6510
Matching Score-4
Assigner-cirosec GmbH
ShareView Details
Matching Score-4
Assigner-cirosec GmbH
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.70%
||
7 Day CHG~0.00%
Published-12 Sep, 2024 | 14:18
Updated-02 Oct, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation vulnerability in AVG Internet Security

Local Privilege Escalation in AVG Internet Security v24 on Windows allows a local unprivileged user to escalate privileges to SYSTEM via COM-Hijacking.

Action-Not Available
Vendor-avgAVGavg
Product-internet_securityInternet Securityinternet_security
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-749
Exposed Dangerous Method or Function
CVE-2024-5929
Matching Score-4
Assigner-Zero Day Initiative
ShareView Details
Matching Score-4
Assigner-Zero Day Initiative
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.23%
||
7 Day CHG~0.00%
Published-21 Aug, 2024 | 16:12
Updated-23 Aug, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

VIPRE Advanced Security PMAgent Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of VIPRE Advanced Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Patch Management Agent. The issue results from loading a file from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-22316.

Action-Not Available
Vendor-vipreVIPREvipre
Product-advanced_securityAdvanced Securityadvanced_security
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-48605
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-5.63% / 90.18%
||
7 Day CHG~0.00%
Published-22 Oct, 2024 | 00:00
Updated-30 Oct, 2024 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue in Helakuru Desktop Application v1.1 allows a local attacker to execute arbitrary code via the lack of proper validation of the wow64log.dll file.

Action-Not Available
Vendor-helakurun/ahelakuru
Product-helakurun/ahelakuru
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-45710
Matching Score-4
Assigner-SolarWinds
ShareView Details
Matching Score-4
Assigner-SolarWinds
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.08%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 07:16
Updated-01 Mar, 2025 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SolarWinds Platform Uncontrolled Search Path Element Local Privilege Escalation Vulnerability

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and local access to the affected node machine.

Action-Not Available
Vendor-SolarWinds Worldwide, LLC.
Product-solarwinds_platformSolarWinds Platformsolarwinds_platform
CWE ID-CWE-427
Uncontrolled Search Path Element
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found