CVE-2020-23834

CVSS 8.8 HIGHEPSS 0.5%

Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.

CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:C/UI:N

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/boku7/BarracudaDrivev6.5-LocalPrivEsc https://www.exploit-db.com/exploits/48789