CVE-2020-14418

Sažetak

A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions.

Reference

https://github.com/nettitude/metasploit-modules
https://labs.nettitude.com/blog/cve-2020-14418-madcodehook-library-local-privilege-escalation/

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

04-02-2021 - 16:16

Objavljeno

30-01-2021 - 06:15