CVE-2020-5755

Summary

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation.

Affected Software

VendorProductVersion RangeStatus
n/aWebroot SecureAnywhereAll versions prior to version v9.0.28.48affected

Weaknesses

  • Local Privilege Escalation

ADP Enrichment

CVE Program Container

Additional References

References