CVE-2020-15351

{"id": "CVE-2020-15351", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2020-06-26T19:15:10.373", "references": [{"url": "https://github.com/active-labs/Advisories/blob/master/2020/ACTIVE-2020-004.md", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.idrive.com/release-info#win", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-276"}]}], "descriptions": [{"lang": "en", "value": "IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. In addition, the program installs a service called IDriveService that runs as LocalSystem. Thus, any standard user can escalate privileges to NT AUTHORITY\\SYSTEM by substituting the service's binary with a malicious one."}, {"lang": "es", "value": "IDrive versiones anteriores a 6.7.3.19 en Windows, se instala por defecto en %PROGRAMFILES(X86)%\\IDriveWindows con permisos de carpeta d\u00e9biles que otorgan a cualquier usuario permiso de modificaci\u00f3n (es decir, NT AUTHORITY\\Authenticated Users:(OI)(CI)(M)) al contenido del directorio y sus subcarpetas. Adem\u00e1s, el programa instala un servicio llamado IDriveService que se ejecuta como LocalSystem. Por lo tanto, cualquier usuario est\u00e1ndar puede escalar privilegios hacia NT AUTHORITY\\SYSTEM al sustituir el binario del servicio por uno malicioso"}], "lastModified": "2020-07-06T18:38:16.450", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:idrive:idrive:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E485D385-A49A-41BA-A070-156235680CF7", "versionEndExcluding": "6.7.3.19"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}