Privilege Escalation Vulnerability in voidtools Everything Tool
CVE-2020-24567

7.8HIGH

Key Information:

Vendor

Voidtools

Status
Everything
Vendor
CVE Published:
21 August 2020

What is CVE-2020-24567?

voidtools Everything versions prior to 1.4.1 Beta Nightly 2020-08-18 are susceptible to privilege escalation. This vulnerability arises when a low-privileged user can create or modify files in the installation directory, leading to the potential inclusion of a malicious urlmon.dll file. If executed, this malicious file can grant elevated privileges to an attacker, compromising the security of the affected system. It's crucial for administrators to ensure proper permissions are enforced on installation directories to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.cymaera.com/articles/everything.html
x_refsource_MISC
https://www.voidtools.com/forum/viewtopic.php?p=32509#p32509
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.