Lucene search

MitreCVE-2020-24088

HistorySep 11, 2023 - 3:15 p.m.

CVE-2020-24088

2023-09-1115:15:52

mitre

web.nvd.nist.gov

cve-2020-24088

foxconn

live update utility

privilege escalation

security issue

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges.

Affected configurations

Nvd

Node

foxconnlive_update_utilityMatch2.1.6.26

AND

microsoftwindowsMatch-

VendorProductVersionCPE
foxconnlive_update_utility2.1.6.26cpe:2.3:a:foxconn:live_update_utility:2.1.6.26:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
foxconn	live_update_utility	2.1.6.26	cpe:2.3:a:foxconn:live_update_utility:2.1.6.26:::::::*
microsoft	windows	-	cpe:2.3:o:microsoft:windows:-:::::::*

References

blog.rewolf.pl/blog/?p=1630

dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/

github.com/rjt-gupta/CVE-2020-24088

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2020-24088