CVE-2020-15261

Name of the Vulnerable Software and Affected Versions Veyon Service versions prior to 4.4.2

Description The issue allows locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges due to an unquoted service path vulnerability. This is particularly dangerous in setups where users have administrative privileges, although Veyon users typically do not have such privileges.

Recommendations For versions prior to 4.4.2, update to version 4.4.2 to resolve the issue. As a temporary workaround, consider revoking administrative privileges from all potentially untrustworthy users to prevent exploitation.