CVE-2020-36916

Sažetak

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system access.

Reference

https://exchange.xforce.ibmcloud.com/vulnerabilities/190627
https://packetstorm.news/files/id/159723
https://pro.sony/en_NL/products/display-software/tdm-ds1y-tdm-ds3y
https://www.exploit-db.com/exploits/48953
https://www.tdmsignage.com
https://www.vulncheck.com/advisories/tdm-digital-signage-pc-player-privilege-escalation-via-insecure-permissions
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5604.php
https://www.exploit-db.com/exploits/48953

CVSS

Base:	8.8
Impact:	5.9
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

08-01-2026 - 18:09

Objavljeno

06-01-2026 - 16:15