PT-2020-12855 · Z-Cron · Z-Cron

Published

2020-04-15

Updated

2020-04-22

CVE-2020-11799

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Z-Cron version 5.6 Build 04

Description The issue allows an unprivileged attacker to elevate privileges by modifying a privileged user's task. This can also affect all users who are signed in on the system if a shell is placed in a location that other unprivileged users have access to.

Recommendations For Z-Cron version 5.6 Build 04, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2020-11799

Affected Products

Z-Cron

PT-2020-12855 · Z-Cron · Z-Cron

CVE-2020-11799

Weakness Enumeration

Related Identifiers

Affected Products

References · 3