PT-2020-14103 · F Secure · F-Secure Safe

Published

2020-06-13

Updated

2021-07-21

CVE-2020-14978

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions F-Secure SAFE version 17.7

Description An issue was discovered due to incorrect client version verification, allowing an attacker to connect to a privileged XPC service and execute privileged commands on the system. The attacker needs to execute code on an already compromised machine.

Recommendations For F-Secure SAFE version 17.7, update to a newer version that addresses the incorrect client version verification issue to prevent exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2020-14978

Affected Products

F-Secure Safe

PT-2020-14103 · F Secure · F-Secure Safe

CVE-2020-14978

Related Identifiers

Affected Products

References · 7