CVE-2020-11081

Name of the Vulnerable Software and Affected Versions osquery versions prior to 4.4.0

Description The issue allows for a privilege escalation. If a Windows system has a PATH containing a user-writable directory, a local user can create a zlib1.dll DLL that osquery will attempt to load, enabling local escalation because osquery runs with elevated privileges.

Recommendations For versions prior to 4.4.0, update to version 4.4.0 to resolve the issue. As a temporary workaround, consider restricting the PATH environment variable to exclude user-writable directories until the update can be applied.