8

CVE-2020-15261

Exploit

Unquoted service path vulnerability on Veyon

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don't have administrative privileges, this vulnerability is only dangerous in anyway unsafe setups. The problem has been fixed in version 4.4.2. As a workaround, the exploitation of the vulnerability can be prevented by revoking administrative privileges from all potentially untrustworthy users.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
VeyonVeyon Version < 4.4.2
   MicrosoftWindows Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 11.12% 0.954
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
security-advisories@github.com 8 1.3 6
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE-428 Unquoted Search Path or Element

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

http://packetstormsecurity.com/files/162873/Veyon-4.4.1-Unquoted-Service-Path.html
Third Party Advisory
Exploit
VDB Entry
https://github.com/veyon/veyon/commit/f231ec511b9a09f43f49b2c7bb7c60b8046276b1
Patch
Third Party Advisory
https://github.com/veyon/veyon/issues/657
Third Party Advisory
Issue Tracking
https://github.com/veyon/veyon/security/advisories/GHSA-c8cc-x786-hqqp
Third Party Advisory
https://www.exploit-db.com/exploits/48246
Third Party Advisory
Exploit
VDB Entry
https://www.exploit-db.com/exploits/49925
Third Party Advisory
Exploit
VDB Entry