CVE-2020-1985 Secdo: Incorrect Default Permissions
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows.
|Secdo||all versions on Windows|
CVSSv3.1 Base Score:7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
This product is no longer supported and the issue will not be fixed. Change permission on C:\Programdata\Secdo\Logs folder to not allow unprivileged users access.
Workarounds and Mitigations
Change permission on C:\Programdata\Secdo\Logs to not allow unprivileged users access.