PT-2020-13670 · Ivanti · Ivanti Endpoint Manager
Andrei Constantin Scutariu (+2)
Published: 2020-11-12 · Updated: 2020-11-24
CVE-2020-13771
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Ivanti Endpoint Manager versions prior to 2020.1.1
Description
The issue allows code execution and elevation of privileges to the privilege level of the vulnerable component, such as NT AUTHORITY\SYSTEM, via DLL hijacking under certain conditions. It arises because various components rely on the Windows search order when loading a nonexistent library file. The affected components include ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe.
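An added exposure check, not part of the advisory or Ivanti's code: it models the default Windows DLL search order for a library requested by bare name and reports which probed directories a standard user can write to. It assumes SafeDllSearchMode is enabled and the process sets no custom DLL directories; the paths, the `user_writable` list and the function names are constructed for illustration.

```python
from ntpath import normcase, normpath


def dll_search_order(app_dir, cwd, path_env, windir=r"C:\Windows"):
    """Directories probed, in order, for a DLL requested by bare name.

    Assumption: default SafeDllSearchMode order (application directory,
    System32, 16-bit System, Windows, current directory, then PATH).
    """
    order = [app_dir, windir + r"\System32", windir + r"\System", windir, cwd]
    order += [p for p in path_env.split(";") if p.strip()]
    seen, result = set(), []
    for d in order:
        key = normcase(normpath(d.strip()))
        if key not in seen:  # the loader gains nothing from probing twice
            seen.add(key)
            result.append(key)
    return result


def plantable_dirs(app_dir, cwd, path_env, user_writable):
    """A DLL that exists nowhere misses in every probed directory, so each
    probed directory that a standard user can write to needs its ACL fixed."""
    writable = {normcase(normpath(d)) for d in user_writable}
    return [d for d in dll_search_order(app_dir, cwd, path_env) if d in writable]


# Constructed sample host. Paths are placeholders, not Ivanti's real layout.
SAMPLE = {
    "app_dir": r"C:\Program Files\ExampleAgent",  # stands in for ldiscn32.exe's folder
    "cwd": r"C:\Windows\System32",
    "path_env": r"C:\Windows\System32;C:\Windows;C:\Python27;C:\Tools\bin",
    # Directories where an ACL audit found write access for standard users.
    "user_writable": [r"C:\Python27", r"C:\Users\Public", "c:/tools/BIN/"],
}

if __name__ == "__main__":
    for d in plantable_dirs(**SAMPLE):
        print("writable directory in DLL search path:", d)
```

On a real host, the `user_writable` input would come from an ACL audit of the machine-wide PATH entries and the agent's install directory.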
Recommendations
For Ivanti Endpoint Manager versions prior to 2020.1.1, update to version 2020.1.1 or later to resolve the issue.
Fix
Uncontrolled Search Path Element
Weakness Enumeration
Related Identifiers
Affected Products
Ivanti Endpoint Manager
Windows