Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-7255

Summary
Assigner-trellix
Assigner Org ID-01626437-bf8f-4d1c-912a-893b5eb04808
Published At-15 Apr, 2020 | 12:45
Updated At-16 Sep, 2024 | 22:01
Rejected At-
Credits

Privilege Escalation vulnerability  in ENS

Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:trellix
Assigner Org ID:01626437-bf8f-4d1c-912a-893b5eb04808
Published At:15 Apr, 2020 | 12:45
Updated At:16 Sep, 2024 | 22:01
Rejected At:
▼CVE Numbering Authority (CNA)
Privilege Escalation vulnerability  in ENS

Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.

Affected Products
Vendor
McAfee, LLCMcAfee LLC
Product
McAfee Endpoint Security (ENS)
Versions
Affected
  • From 10.x before 10.7.0 April 2020 Update (custom)
Problem Types
TypeCWE IDDescription
CWECWE-264CWE-264 Permissions, Privileges, and Access Controls
Type: CWE
CWE ID: CWE-264
Description: CWE-264 Permissions, Privileges, and Access Controls
Metrics
VersionBase scoreBase severityVector
3.13.9LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
Version: 3.1
Base score: 3.9
Base severity: LOW
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
McAfee  credits  Lockheed Martin Red Team for   reporting this flaw
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kc.mcafee.com/corporate/index?page=content&id=SB10309
x_refsource_CONFIRM
Hyperlink: https://kc.mcafee.com/corporate/index?page=content&id=SB10309
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://kc.mcafee.com/corporate/index?page=content&id=SB10309
x_refsource_CONFIRM
x_transferred
Hyperlink: https://kc.mcafee.com/corporate/index?page=content&id=SB10309
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:trellixpsirt@trellix.com
Published At:15 Apr, 2020 | 13:15
Updated At:07 Nov, 2023 | 03:25

Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via ENS not checking user permissions when editing configuration in the ENS client interface. Administrators can lock the ENS client interface through ePO to prevent users being able to edit the configuration.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.4MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Secondary3.13.9LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
Primary2.03.6LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P
Type: Primary
Version: 3.1
Base score: 4.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 3.9
Base severity: LOW
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:L
Type: Primary
Version: 2.0
Base score: 3.6
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:N/I:P/A:P
CPE Matches
McAfee, LLC
mcafee
>>endpoint_security>>10.5.0
cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*
McAfee, LLC
mcafee
>>endpoint_security>>10.5.1
cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*
McAfee, LLC
mcafee
>>endpoint_security>>10.5.2
cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*
McAfee, LLC
mcafee
>>endpoint_security>>10.5.3
cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*
McAfee, LLC
mcafee
>>endpoint_security>>10.5.4
cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*
McAfee, LLC
mcafee
>>endpoint_security>>10.5.5
cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*
McAfee, LLC
mcafee
>>endpoint_security>>10.6.0
cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
CWE-264Secondarytrellixpsirt@trellix.com
CWE ID: CWE-269
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-264
Type: Secondary
Source: trellixpsirt@trellix.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://kc.mcafee.com/corporate/index?page=content&id=SB10309trellixpsirt@trellix.com
N/A
Hyperlink: https://kc.mcafee.com/corporate/index?page=content&id=SB10309
Source: trellixpsirt@trellix.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

77Records found
CVE-2019-3651
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-8.8||HIGH
EPSS-0.49% / 64.40%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 22:45
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Advanced Threat Defense (ATD) - Information Disclosure vulnerability

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.

Action-Not Available
Vendor-McAfee, LLC
Product-advanced_threat_defenseAdvanced Threat Defense (ATD)
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-3588
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-6.3||MEDIUM
EPSS-0.04% / 12.22%
||
7 Day CHG~0.00%
Published-10 Jun, 2020 | 11:47
Updated-16 Sep, 2024 | 20:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Using VSE to bypass Windows Credentials on Lock screen

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.

Action-Not Available
Vendor-McAfee, LLC
Product-virusscan_enterpriseMcAfee VirusScan Enterprise (VSE)
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-3637
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-4.1||MEDIUM
EPSS-0.05% / 14.62%
||
7 Day CHG~0.00%
Published-14 Aug, 2019 | 16:23
Updated-04 Aug, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in FRP 5.x earlier than 5.1.0.209

Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.209 allows local users to gain elevated privileges via running McAfee Tray with elevated privileges.

Action-Not Available
Vendor-McAfee, LLC
Product-file_and_removable_media_protection McAfee FRP
CWE ID-CWE-264
Not Available
CVE-2023-0221
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.99%
||
7 Day CHG~0.00%
Published-13 Jan, 2023 | 15:19
Updated-04 Apr, 2025 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program.

Action-Not Available
Vendor-Musarubra US LLC (Trellix)McAfee, LLC
Product-application_and_change_controlApplication and Change Control
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-23876
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.11%
||
7 Day CHG~0.00%
Published-10 Feb, 2021 | 10:25
Updated-03 Aug, 2024 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
McAfee Total Protection (MTP) Bypass Remote Procedure call vulnerability

Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and perform arbitrary file modification as the SYSTEM user potentially causing Denial of Service via executing carefully constructed malware.

Action-Not Available
Vendor-McAfee, LLC
Product-total_protectionMcAfee Total Protection (MTP)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7274
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-6.6||MEDIUM
EPSS-0.11% / 30.58%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 11:30
Updated-16 Sep, 2024 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ENS elevated permissions vulnerability

Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityMcAfee Endpoint Security (ENS)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7311
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.00%
||
7 Day CHG~0.00%
Published-10 Sep, 2020 | 09:45
Updated-17 Sep, 2024 | 01:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation vulnerability in MA for Windows

Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files.

Action-Not Available
Vendor-McAfee, LLC
Product-mcafee_agentMA for Windows
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-7259
Matching Score-6
Assigner-Trellix
ShareView Details
Matching Score-6
Assigner-Trellix
CVSS Score-6.6||MEDIUM
EPSS-0.04% / 10.25%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 11:55
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unsigned executable vulnerability in ENS can be used to bypass intended self-protection rules

Exploitation of Privilege/Trust vulnerability in file in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to bypass local security protection via a carefully crafted input file

Action-Not Available
Vendor-McAfee, LLC
Product-endpoint_securityMcAfee Endpoint Security (ENS)
CWE ID-CWE-264
Not Available
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-1991
Matching Score-4
Assigner-Palo Alto Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Palo Alto Networks, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.36%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 18:41
Updated-17 Sep, 2024 | 00:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Traps: Insecure temporary file vulnerability may allow privilege escalation on Windows

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.

Action-Not Available
Vendor-Palo Alto Networks, Inc.Microsoft Corporation
Product-windowstrapsCortex XDRTraps
CWE ID-CWE-377
Insecure Temporary File
CWE ID-CWE-269
Improper Privilege Management
CVE-2009-2208
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.6||LOW
EPSS-0.04% / 12.00%
||
7 Day CHG~0.00%
Published-24 Jun, 2009 | 23:00
Updated-07 Aug, 2024 | 05:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FreeBSD 6.3, 6.4, 7.1, and 7.2 does not enforce permissions on the SIOCSIFINFO_IN6 IOCTL, which allows local users to modify or disable IPv6 network interfaces, as demonstrated by modifying the MTU.

Action-Not Available
Vendor-n/aFreeBSD Foundation
Product-freebsdn/a
CWE ID-CWE-264
Not Available
CVE-2015-9267
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.41%
||
7 Day CHG~0.00%
Published-01 Oct, 2018 | 08:00
Updated-06 Aug, 2024 | 08:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.

Action-Not Available
Vendor-nullsoftn/aDebian GNU/Linux
Product-nullsoft_scriptable_install_systemdebian_linuxn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-31961
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-6.1||MEDIUM
EPSS-0.32% / 54.71%
||
7 Day CHG~0.00%
Published-14 Jul, 2021 | 17:53
Updated-03 Aug, 2024 | 23:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows InstallService Elevation of Privilege Vulnerability

Windows InstallService Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2019windows_10Windows 10 Version 2004Windows Server version 2004Windows Server 2019 (Server Core installation)Windows 10 Version 21H1Windows 10 Version 1809Windows Server 2019Windows Server version 20H2Windows 10 Version 1909Windows 10 Version 20H2
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-28497
Matching Score-4
Assigner-Arista Networks, Inc.
ShareView Details
Matching Score-4
Assigner-Arista Networks, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.05% / 13.87%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 12:41
Updated-03 Aug, 2024 | 21:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train MOS-0.26.6 and below releases in the MOS-0.2x train MOS-0.31.1 and below releases in the MOS-0.3x train

Action-Not Available
Vendor-Arista Networks, Inc.
Product-metamako_operating_system7130Metamako Operating System
CWE ID-CWE-264
Not Available
CVE-2021-25363
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 2.04%
||
7 Day CHG~0.00%
Published-09 Apr, 2021 | 17:36
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-25482
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-5.9||MEDIUM
EPSS-0.05% / 13.95%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:09
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SQL injection vulnerabilities in CMFA framework prior to SMR Oct-2021 Release 1 allow untrusted application to overwrite some CMFA framework information.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-264
Not Available
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2021-25362
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 2.04%
||
7 Day CHG~0.00%
Published-09 Apr, 2021 | 17:36
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper permission management in CertInstaller prior to SMR APR-2021 Release 1 allows untrusted applications to delete certain local files.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-269
Improper Privilege Management
CVE-2008-4228
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.6||LOW
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-25 Nov, 2008 | 23:00
Updated-07 Aug, 2024 | 10:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number.

Action-Not Available
Vendor-n/aApple Inc.
Product-iphone_osipod_touchn/a
CWE ID-CWE-264
Not Available
CVE-2022-27840
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-11 Apr, 2022 | 19:37
Updated-03 Aug, 2024 | 05:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control vulnerability in SamsungRecovery prior to version 8.1.43.0 allows local attckers to delete arbitrary files as SamsungRecovery permission.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-recoverySamsung Recovery
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2008-2148
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.6||LOW
EPSS-0.07% / 20.36%
||
7 Day CHG~0.00%
Published-12 May, 2008 | 21:00
Updated-07 Aug, 2024 | 08:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The utimensat system call (sys_utimensat) in Linux kernel 2.6.22 and other versions before 2.6.25.3 does not check file permissions when certain UTIME_NOW and UTIME_OMIT combinations are used, which allows local users to modify file times of arbitrary files, possibly leading to a denial of service.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-264
Not Available
CVE-2008-2288
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-3.6||LOW
EPSS-0.09% / 26.29%
||
7 Day CHG~0.00%
Published-18 May, 2008 | 14:00
Updated-07 Aug, 2024 | 08:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Symantec Altiris Deployment Solution 6.8.x and 6.9.x before 6.9.176 has insufficient access control for deletion and modification of registry keys, which allows local users to cause a denial of service or obtain sensitive information.

Action-Not Available
Vendor-n/aSymantec Corporation
Product-altiris_deployment_solutionn/a
CWE ID-CWE-264
Not Available
CVE-2017-5703
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6||MEDIUM
EPSS-0.12% / 32.07%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 21:00
Updated-17 Sep, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Configuration of SPI Flash in platforms based on multiple Intel platforms allow a local attacker to alter the behavior of the SPI flash potentially leading to a Denial of Service.

Action-Not Available
Vendor-Intel Corporation
Product-xeon_phi_7230xeon_6126xeon_e3-1230_v5xeon_e7-8893_v3atom_c3750core_i7-7700kcore_i7-8705gxeon_e7-4860_v2xeon_phi_7230fxeon_e3-1558l_v5atom_c2730xeon_e7-8894_v4core_i7-7660ucore_i7-6600ucore_i7-8706gxeon_e7-8880l_v2xeon_e3-1565l_v5core_i7-5775rxeon_d-1527xeon_e3-1240_v6core_i7-8700xeon_e7-8870_v3xeon_e7-8880_v4core_i7-7700txeon_8160tatom_c2758xeon_e7-8891_v4celeron_n2815core_i7-6770hqcore_i7-8700kxeon_e3-1280_v5core_i7-5850eqxeon_d-1518atom_c2550core_i7-6822eqxeon_e7-4830_v2core_i7-6700teceleron_j3455xeon_e7-4820_v3xeon_phi_7290fxeon_e3-1501l_v6xeon_d-2143itxeon_d-2163itxeon_4116tcore_i7-7600uxeon_6142mxeon_e3-1285_v6xeon_e7-8880l_v3xeon_e3-1225_v6atom_c3538xeon_d-1567xeon_5122xeon_e3-1505l_v6xeon_e3-1240l_v5celeron_j3160xeon_3104xeon_6142fxeon_6144xeon_phi_7210fatom_x5-z8500core_i7-7700hqxeon_e7-4830_v3atom_x7-z8750xeon_6152core_i7-7820hkxeon_e3-1245_v5core_i7-5850hqcore_i7-6870hqatom_c3508xeon_4114xeon_e7-8870_v4xeon_6146xeon_6134mxeon_d-1571core_i7-6970hqxeon_6134xeon_5119txeon_d-2173itxeon_d-2123itceleron_n2840xeon_e7-8893_v2xeon_8156xeon_phi_7210xeon_e7-8890_v4atom_x7-z8700xeon_d-1539xeon_e7-8870_v2xeon_e3-1535m_v5core_i7-7700xeon_6142pentium_n3700xeon_e7-4809_v3xeon_e7-8891_v2core_i7-7920hqxeon_d-2146ntxeon_e3-1268l_v5xeon_e7-4850_v2xeon_e3-1545m_v5pentium_n3520core_i7-8750hxeon_e3-1501m_v6celeron_j3060xeon_d-2187ntxeon_e7-4870_v2atom_c2738xeon_6148xeon_e3-1578l_v5core_i7-6660uxeon_e3-1270_v5xeon_8164atom_x5-z8330xeon_5118core_i7-5500uxeon_e3-1260l_v5xeon_d-2166ntxeon_e3-1270_v6xeon_e3-1505m_v5xeon_8160matom_c3958xeon_4109tcore_i7-5650uxeon_6128xeon_d-2183itxeon_e7-2870_v2xeon_e7-8860_v3core_i7-8809gxeon_8160fxeon_4110core_i7-8700bcore_i7-8709gxeon_d-2145ntcore_i7-5950hqxeon_6154xeon_e7-8850_v2xeon_e3-1585_v5xeon_4116core_i7-5550ucore_i7-6560uatom_x5-e3930celeron_j3355core_i7-8700tatom_x7-e3950core_i7-6820hqxeon_8180mxeon_6140xeon_e7-4850_v3core_i7-8650uxeon_6130txeon_6136atom_x5-z8550xeon_8153core_i7-5600ucore_i7-6700txeon_5120tcore_i7-6920hqxeon_6132xeon_8170mxeon_8160xeon_e3-1230_v6xeon_8176fxeon_e7-8867_v4atom_c2338xeon_e7-2850_v2xeon_8158atom_x5-z8300xeon_6148fceleron_n3350atom_c3708xeon_8168xeon_d-1523nxeon_e7-8880_v3celeron_n3520xeon_d-1540xeon_e3-1280_v6xeon_e7-8880_v2xeon_phi_7250fceleron_n2807xeon_d-1528core_i7-6500uxeon_d-1577pentium_j3710xeon_6138tcore_i7-6700kxeon_d-2141ixeon_e7-4830_v4xeon_d-1541xeon_e7-4809_v2xeon_e7-8893_v4atom_x5-e8000xeon_e7-8891_v3xeon_4112xeon_d-1553nceleron_n2820atom_c2516core_i7-7560uatom_c3955core_i7-7820eqatom_c3850xeon_e3-1535m_v6xeon_d-1548xeon_4114txeon_d-1529xeon_e7-4820_v4xeon_e3-1220_v5celeron_n2805celeron_n2806atom_x5-e3940xeon_e3-1220_v6core_i7-6700hqxeon_e7-4809_v4atom_c2558pentium_n4200atom_c2718xeon_6150atom_x5-z8350xeon_d-1520atom_c2750xeon_5120core_i7-6785rcore_i7-6820hkatom_c3338atom_c2316core_i7-7500ucore_i7-8550uxeon_e7-8857_v2atom_c2358xeon_e7-2890_v2celeron_n2808pentium_j4205xeon_e3-1275_v6xeon_d-1531xeon_e7-4820_v2atom_c2518core_i7-6650uxeon_e3-1575m_v5xeon_e3-1505l_v5xeon_d-1533nxeon_e7-8867_v3xeon_e3-1245_v6xeon_d-2142itcore_i7-8850hxeon_6130xeon_phi_7250atom_c2530atom_c2508atom_c2538core_i7-6820eqcore_i7-7567uceleron_n2920core_i7-5557uxeon_6126fxeon_e7-8890_v2xeon_d-2161iatom_c3858xeon_e3-1235l_v5core_i7-5700hqcore_i7-7820hqxeon_6126txeon_e3-1585l_v5xeon_e7-8860_v4xeon_3106atom_c2350xeon_e3-1275_v5xeon_e3-1240_v5xeon_8170xeon_e7-4880_v2xeon_5115atom_c2308celeron_n2830xeon_e7-8890_v3xeon_8176core_i7-6567uxeon_6130fatom_c3808core_i7-5775cxeon_d-1513nceleron_n3450xeon_6138fxeon_8180xeon_e3-1515m_v5xeon_d-1537xeon_e3-1225_v5pentium_n3710xeon_d-1543nxeon_d-1559xeon_phi_7290xeon_d-1521xeon_e7-4890_v2celeron_n2810atom_c3950xeon_6140mcore_i7-5750hqcore_i7-5700eqatom_c3558xeon_6138core_i7-7y75xeon_8176mcore_i7-6700atom_c3308xeon_4108xeon_d-1557xeon_e7-4850_v4xeon_e3-1505m_v6core_i7-8559uxeon_d-2177ntatom_c3758atom_c3830xeon_e7-2880_v2Intel 6th generation Intel Core Processors, Intel 7th generation Processors, Intel Xeon Scalable Processors, Intel Xeon Processor E3 v5 Family, Intel Xeon Processor E3 v6 Family, and Intel Atom Processor C Series.
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-5409
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 21.68%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 14:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. Note: This attack requires local system access and only affects Windows. Other operating systems are not affected. This vulnerability affects Firefox ESR < 45.8 and Firefox < 52.

Action-Not Available
Vendor-Mozilla CorporationMicrosoft Corporation
Product-firefoxwindowsfirefox_esrFirefoxFirefox ESR
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-0092
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-7.1||HIGH
EPSS-0.11% / 30.43%
||
7 Day CHG~0.00%
Published-18 Jan, 2018 | 06:00
Updated-02 Dec, 2024 | 21:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-operator role should not be able to delete other configured users on the device. The vulnerability is due to a lack of proper role-based access control (RBAC) checks for the actions that a user with the network-operator role is allowed to perform. An attacker could exploit this vulnerability by authenticating to the device with user credentials that give that user the network-operator role. Successful exploitation could allow the attacker to impact the integrity of the device by deleting configured user credentials. The attacker would need valid user credentials for the device. This vulnerability affects the following Cisco products running Cisco NX-OS System Software: Nexus 3000 Series Switches, Nexus 3600 Platform Switches, Nexus 9000 Series Switches in standalone NX-OS mode, Nexus 9500 R-Series Line Cards and Fabric Modules. Cisco Bug IDs: CSCvg21120.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-nexus_93108tc-ex_switchnexus_9396px_switchnx-osnexus_93180yc-ex_switchnexus_9396tx_switchnexus_92304qc_switchnexus_93180lc-ex_switchnexus_9372tx_switchnexus_9372px_switchnexus_9332pq_switchnexus_9336pq_aci_spine_switchnexus_93128tx_switchnexus_93120tx_switchnexus_9236c_switchnexus_92160yc_switchnexus_9372tx-e_switchnexus_92300yc_switchnexus_9372px-e_switchnexus_9508_switchnexus_9272q_switchCisco NX-OS
CWE ID-CWE-264
Not Available
CWE ID-CWE-862
Missing Authorization
CVE-2020-13522
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.05% / 13.98%
||
7 Day CHG~0.00%
Published-04 Aug, 2020 | 19:03
Updated-04 Aug, 2024 | 12:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.

Action-Not Available
Vendor-softperfectn/a
Product-ram_diskSoftPerfect
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-0785
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.1||HIGH
EPSS-0.43% / 61.75%
||
7 Day CHG~0.00%
Published-12 Mar, 2020 | 15:48
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows ServerWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based Systems
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-19100
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-7.5||HIGH
EPSS-0.04% / 10.74%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 02:09
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation via B&R Automation Studio upgrade service

A privilege escalation vulnerability in the upgrade service in B&R Automation Studio versions 4.0.x, 4.1.x, 4.2.x, < 4.3.11SP, < 4.4.9SP, < 4.5.4SP, <. 4.6.3SP, < 4.7.2 and < 4.8.1 allow authenticated users to delete arbitrary files via an exposed interface.

Action-Not Available
Vendor-B&R Industrial Automation GmbH
Product-automation_studioAutomation Studio
CWE ID-CWE-264
Not Available
CVE-2019-1454
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.28% / 51.04%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 20:50
Updated-04 Aug, 2024 | 18:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows ServerWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)
CWE ID-CWE-269
Improper Privilege Management
  • Previous
  • 1
  • 2
  • Next
Details not found