CVE-2020-7867

Summary

An improper input validation vulnerability in Helpu solution could allow a local attacker to arbitrary file creation and execution without click file transfer menu. It is possible to file in arbitrary directory for user because the viewer program receive the file from agent with privilege of administrator.

Affected Software

VendorProductVersion RangeStatus
HelpUHelpuViewer.exe2018.5.21.0 <= 2018.5.21.0affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References