Palo Alto Networks Security Advisories
CVE-2020-1985 CVE-2020-1985 Secdo: Incorrect Default Permissions
Attack Vector LOCAL
Attack Complexity LOW
Privileges Required LOW
User Interaction NONE
Confidentiality Impact HIGH
Integrity Impact HIGH
Availability Impact HIGH NVD JSON Published 2020-04-08 Updated 2020-04-27
Reference PDV-1614 Discovered externally Description
Incorrect Default Permissions on C:\Programdata\Secdo\Logs folder in Secdo allows local authenticated users to overwrite system files and gain escalated privileges. This issue affects all versions Secdo for Windows.
Versions Affected Unaffected Secdo all versions on Windows Severity: HIGH
CVSSv3.1 Base Score: 7.8 (
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Weakness Type CWE-276 Incorrect Default Permissions Solution
This product is no longer supported and the issue will not be fixed. Change permission on C:\Programdata\Secdo\Logs folder to not allow unprivileged users access.
Workarounds and Mitigations
Change permission on C:\Programdata\Secdo\Logs to not allow unprivileged users access.
We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
Timeline 2020-04-08 Initial publication
© 2020 Palo Alto Networks, Inc. All rights reserved.