CVE-2020-1985 Secdo: Incorrect Default Permissions
Attack Vector LOCAL
Scope UNCHANGED
Attack Complexity LOW
Confidentiality Impact HIGH
Privileges Required LOW
Integrity Impact HIGH
User Interaction NONE
Availability Impact HIGH
Description
Incorrect Default Permissions on the C:\Programdata\Secdo\Logs folder in Secdo allow local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions of Secdo for Windows.
Product Status
| Versions | Affected | Unaffected |
|---|---|---|
| Secdo | all versions on Windows | |
Severity: HIGH
CVSSv3.1 Base Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Weakness Type
CWE-276 Incorrect Default Permissions
Solution
This product is no longer supported and the issue will not be fixed. Change the permissions on the C:\Programdata\Secdo\Logs folder so that unprivileged users have no access.
Workarounds and Mitigations
Change the permissions on C:\Programdata\Secdo\Logs so that unprivileged users have no access.
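One way to apply the permission change described above, as an added PowerShell example that is not part of the original advisory and is not vendor code: it lists the entries on the folder held by principals other than SYSTEM and Administrators, then rewrites the ACL so only those two keep access. The trusted-principal list, the helper name `Get-AceSid`, and the assumption that the Secdo agent writes its logs as SYSTEM are assumptions of this example.

```powershell
# Added example (not vendor code): audit, then restrict, the ACL on the log folder.
# Run from an elevated PowerShell session.
$Path = 'C:\Programdata\Secdo\Logs'   # folder named in the advisory

# Principals that keep access, by well-known SID (locale-independent).
# Assumption: the Secdo agent writes its logs as SYSTEM.
$Trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544'   # BUILTIN\Administrators
)

function Get-AceSid($Ace) {
    # Resolve the ACE's identity to a SID string; fall back to the raw value
    # if the name cannot be translated.
    try { $Ace.IdentityReference.Translate([System.Security.Principal.SecurityIdentifier]).Value }
    catch { $Ace.IdentityReference.Value }
}

$acl = Get-Acl -LiteralPath $Path

# 1. Audit: show every Allow entry held by a principal outside $Trusted.
$acl.Access |
    Where-Object { $_.AccessControlType -eq 'Allow' -and (Get-AceSid $_) -notin $Trusted } |
    Select-Object IdentityReference, FileSystemRights, IsInherited |
    Format-Table -AutoSize

# 2. Restrict: stop inheriting from the parent folder and discard inherited entries,
#    then remove the explicit entries so only the rules added below remain.
$acl.SetAccessRuleProtection($true, $false)
foreach ($ace in @($acl.Access)) {
    if (-not $ace.IsInherited) { $acl.RemoveAccessRuleSpecific($ace) }
}
foreach ($sid in $Trusted) {
    $id   = New-Object System.Security.Principal.SecurityIdentifier($sid)
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
        $id, 'FullControl', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
}
Set-Acl -LiteralPath $Path -AclObject $acl

# 3. Verify: this should now print nothing.
(Get-Acl -LiteralPath $Path).Access |
    Where-Object { (Get-AceSid $_) -notin $Trusted } |
    Select-Object IdentityReference, FileSystemRights
```

Existing files in the folder that carry their own explicit entries are not changed by this and should be checked separately.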
Acknowledgments
We would like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
Timeline
Initial publication