CVE-2020-1986
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk (C:) to cause a system crash on every login. This issue affects all versions Secdo for Windows.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Secdo | Secdo | all versions | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
Workarounds
Exploitation of this issue can be prevented by creating a "C:\proc" folder and not allowing unprivileged users to access that folder.
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.