CVE-2020-25289

Sažetak

The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory (which has weak permissions).

Reference

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

17-09-2020 - 19:52

Objavljeno

13-09-2020 - 20:15