Lucene search

[email protected]CVE-2020-26155

HistoryMar 18, 2021 - 5:15 p.m.

CVE-2020-26155

2021-03-1817:15:13

CWE-427

CWE-732

[email protected]

web.nvd.nist.gov

utimaco

securityserver

weak permissions

dll hijacking

cve-2020-26155

nvd

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with Read/Write permissions for authenticated users, which allows for binaries to be manipulated by non-administrator users. Additionally, entries are made to the PATH environment variable which, in conjunction with these weak permissions, could enable an attacker to perform a DLL hijacking attack.

Affected configurations

NVD

Node

utimacoblock-safe_firmwareMatch2.0.0

utimacoblock-safe_firmwareMatch3.0.0

utimacocryptoserver_cp5_firmwareMatch5.0.0.0

utimacocryptoserver_cp5_firmwareMatch5.1.0.0

utimacocryptoserver_cp5_vs-nfd_firmwareMatch5.1.0.0

utimacopaymentserver_firmwareRange3.0–4.31.0

utimacopaymentserver_hybrid_firmwareRange3.0–4.33.0

utimacosecurityserver_firmwareRange3.0–4.31.1

AND

microsoftwindowsMatch-

CPENameOperatorVersion
utimaco:block-safe_firmwareutimaco block-safe firmwareeq2.0.0
utimaco:block-safe_firmwareutimaco block-safe firmwareeq3.0.0
utimaco:cryptoserver_cp5_firmwareutimaco cryptoserver cp5 firmwareeq5.0.0.0
utimaco:cryptoserver_cp5_firmwareutimaco cryptoserver cp5 firmwareeq5.1.0.0
utimaco:cryptoserver_cp5_vs-nfd_firmwareutimaco cryptoserver cp5 vs-nfd firmwareeq5.1.0.0
utimaco:paymentserver_firmwareutimaco paymentserver firmwarele4.31.0
utimaco:paymentserver_hybrid_firmwareutimaco paymentserver hybrid firmwarele4.33.0
utimaco:securityserver_firmwareutimaco securityserver firmwarele4.31.1

CPE	Name	Operator	Version
utimaco:block-safe_firmware	utimaco block-safe firmware	eq	2.0.0
utimaco:block-safe_firmware	utimaco block-safe firmware	eq	3.0.0
utimaco:cryptoserver_cp5_firmware	utimaco cryptoserver cp5 firmware	eq	5.0.0.0
utimaco:cryptoserver_cp5_firmware	utimaco cryptoserver cp5 firmware	eq	5.1.0.0
utimaco:cryptoserver_cp5_vs-nfd_firmware	utimaco cryptoserver cp5 vs-nfd firmware	eq	5.1.0.0
utimaco:paymentserver_firmware	utimaco paymentserver firmware	le	4.31.0
utimaco:paymentserver_hybrid_firmware	utimaco paymentserver hybrid firmware	le	4.33.0
utimaco:securityserver_firmware	utimaco securityserver firmware	le	4.31.1

References

hsm.utimaco.com/products-hardware-security-modules/general-purpose-hsm/

secureyourit.co.uk/wp/2021/03/13/utimaco-cve-2020-26155/

Social References

4.4 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:P/I:P/A:P

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

43.4%

JSON

Related for CVE-2020-26155

nvd1 cvelist1 prion1