CVE-2020-24356

Summary

cloudflared versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. When run on a Windows system, cloudflared searches for configuration files which could be abused by a malicious entity to execute commands as a privileged user. Version 2020.8.1 fixes this issue.

Affected Software

VendorProductVersion RangeStatus
Cloudflarecloudflaredunspecified < 2020.8.1affected

Weaknesses

  • Local Privilege Escalation

ADP Enrichment

CVE Program Container

Additional References

References