CVE-2020-1985 Secdo: Incorrect Default Permissions
Attack Vector: LOCAL
Scope: UNCHANGED
Attack Complexity: LOW
Confidentiality Impact: HIGH
Privileges Required: LOW
Integrity Impact: HIGH
User Interaction: NONE
Availability Impact: HIGH
Description
Incorrect Default Permissions on the C:\Programdata\Secdo\Logs folder in Secdo allow local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions of Secdo for Windows.
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| Secdo | All on Windows | None on Windows |
Severity: HIGH
CVSSv3.1 Base Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Exploitation Status
Palo Alto Networks is not aware of any malicious exploitation of this issue.
Weakness Type
CWE-276 Incorrect Default Permissions
Solution
This product is no longer supported and the issue will not be fixed. Change the permissions on the C:\Programdata\Secdo\Logs folder so that unprivileged users have no access.
Workarounds and Mitigations
Change the permissions on C:\Programdata\Secdo\Logs so that unprivileged users have no access.
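One way to check and apply this mitigation from an elevated PowerShell session, as an added example that is not part of the advisory: it lists the ACEs that let untrusted principals write to the folder, then replaces the ACL. Treating SYSTEM and Administrators as the only trusted principals, and the function names used here, are assumptions.

```powershell
# Added example (not from the advisory). Run from an elevated PowerShell session.
$LogDir = 'C:\Programdata\Secdo\Logs'
# Assumption: only SYSTEM (S-1-5-18) and BUILTIN\Administrators (S-1-5-32-544) are trusted.
$TrustedSids = @('S-1-5-18', 'S-1-5-32-544')
# Rights that let a principal create, replace or delete content, or re-grant itself access.
$WriteBits = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Get-Acl can also report raw GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) bits.
$WriteBits = $WriteBits -bor 0x50000000

function Get-UntrustedWriteAce {
    # Returns Allow ACEs (explicit and inherited) that give a non-trusted SID write-type access.
    param([Parameter(Mandatory)][string]$Path)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType) | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $TrustedSids -notcontains $_.IdentityReference.Value -and
        ([int]$_.FileSystemRights -band $WriteBits) -ne 0
    }
}

function Set-TrustedOnlyAcl {
    # Replaces the folder ACL with full control for the trusted SIDs only.
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    $acl.SetAccessRuleProtection($true, $false)   # stop inheriting, discard inherited ACEs
    foreach ($ace in @($acl.Access)) { $acl.PurgeAccessRules($ace.IdentityReference) }
    foreach ($sid in $TrustedSids) {
        $id = [System.Security.Principal.SecurityIdentifier]::new($sid)
        $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
            $id, 'FullControl', 'ContainerInherit, ObjectInherit', 'None', 'Allow')
        $acl.AddAccessRule($rule)
    }
    Set-Acl -LiteralPath $Path -AclObject $acl
}

# Before: show which untrusted principals can currently write to the folder.
Get-UntrustedWriteAce -Path $LogDir |
    Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize

Set-TrustedOnlyAcl -Path $LogDir

# After: an empty result means no untrusted principal can write to the folder itself.
Get-UntrustedWriteAce -Path $LogDir
```

Files already inside the folder that carry their own explicit ACEs keep them, so run `Get-UntrustedWriteAce` against the existing children as well.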
Acknowledgments
We would like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
CPE Applicability
- cpe:2.3:a:secdo:secdo:*:*:*:*:*:Windows:*:* is vulnerable from (including) all
Timeline
Initial publication