CVE-2020-13539

Description

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via “WIN-911 Mobile Runtime” service. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the privileges when executed.

CVSS Version 3.1
CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2020-13539
Base Score: 7.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8

cisco
CVE ID: CVE-2020-13539
Base Score: 9.3
Base Severity: CRITICAL
Vector String:CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

nvd
CVE ID: CVE-2020-13539
Base Score: 4.6
Base Severity: MEDIUM
Vector String:AV:L/AC:L/Au:N/C:P/I:P/A:P

Refrence: NVD MITRE

Description​

Description