Vulnerability Details : CVE-2020-3427
The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths. This allows an attacker with local user privileges to coerce the installer to write to arbitrary privileged directories. If successful, an attacker can manipulate files used by Windows Logon, cause Denial of Service (DoS) by deleting file(s), or replace system files to potentially achieve elevation of privileges. Note that this can only exploitable during new installations while the installer is running and is not exploitable once installation is finished. Versions 4.1.2 of Windows Logon addresses this issue.
Vulnerability category: Gain privilegeDenial of service
Products affected by CVE-2020-3427
- cpe:2.3:a:cisco:duo_authentication_for_windows_logon_and_rdp:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-3427
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-3427
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST | |
6.6
|
MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N |
1.3
|
5.2
|
Cisco Systems, Inc. |
CWE ids for CVE-2020-3427
-
The product does not handle or incorrectly handles when it has insufficient privileges to access resources or functionality as specified by their permissions. This may cause it to follow unexpected code paths that may leave the product in an invalid state.Assigned by: ykramarz@cisco.com (Secondary)
References for CVE-2020-3427
-
https://duo.com/docs/rdp-notes
2FA for Windows Logon and RDP - Release Notes | Duo SecurityRelease Notes;Vendor Advisory
Jump to