Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows.
Recent assessments:
xFreed0m at April 10, 2020 3:06pm UTC reported:
Attack Vector LOCAL
Attack Complexity LOW
Privileges Required LOW
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows.
Product Status
Secdo
Versions Affected
all versions on Windows
Severity: HIGH
CVSSv3.1 Base Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
This product is no longer supported and the issue will not be fixed. Change permission on C:\Programdata\Secdo\Logs folder to not allow unprivileged users access.
Change permission on C:\Programdata\Secdo\Logs to not allow unprivileged users access.
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
<https://security.paloaltonetworks.com/CVE-2020-1985>
Assessed Attacker Value: 4
Assessed Attacker Value: 4Assessed Attacker Value: 4