CVE-2020-36916
TDM Digital Signage PC Player 4.1.0.4 Privilege Escalation via Insecure Permissions
TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system access.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
Tdmsignage · TDM Digital Signage PC PlayerQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://exchange.xforce.ibmcloud.com/vulnerabilities/190627https://packetstorm.news/files/id/159723https://pro.sony/en_NL/products/display-software/tdm-ds1y-tdm-ds3yhttps://www.exploit-db.com/exploits/48953https://www.tdmsignage.comhttps://www.vulncheck.com/advisories/tdm-digital-signage-pc-player-privilege-escalation-via-insecure-permissionshttps://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5604.php