← back
CVE-2020-27645

CVE-2020-27645

EPSS 1.2%
The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. This may allow remote authenticated users and local users to gain elevated privileges.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://help.1e.com/display/GI/1E+Security+Advisory-1E+Client+for+Windows%3A+CVE-2020-16268%2C+CVE-2020-27643%2C+CVE-2020-27644%2C+CVE-2020-27645