CVE-2020-13541

Description

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other files within the installation folder that could lead to local privilege escalation.

CVSS Version 3.1
CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2020-13541
Base Score: 8.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Impact Score: 6.0
Exploitability Score: 2.0

cisco
CVE ID: CVE-2020-13541
Base Score: 9.3
Base Severity: CRITICAL
Vector String:CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

nvd
CVE ID: CVE-2020-13541
Base Score: 7.2
Base Severity: HIGH
Vector String:AV:L/AC:L/Au:N/C:C/I:C/A:C

Refrence: NVD MITRE

Description​

Description