CVE-2020-13540

Description

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via WIN-911 Account Change Utility. Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the privileges when executed.

CVSS Version 3.1
CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2020-13540
Base Score: 7.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8

cisco
CVE ID: CVE-2020-13540
Base Score: 9.3
Base Severity: CRITICAL
Vector String:CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

nvd
CVE ID: CVE-2020-13540
Base Score: 4.6
Base Severity: MEDIUM
Vector String:AV:L/AC:L/Au:N/C:P/I:P/A:P

Refrence: NVD MITRE

Description​

Description