CVE-2020-16268

Name of the Vulnerable Software and Affected Versions 1E Client versions 4.1.0.267 through 5.0.0.745

Description The issue allows remote authenticated users and local users to gain elevated privileges. This can be achieved through the repair option in the MSI installer when a TRANSFORM (MST) with the option to disable the installation of the Nomad module is applied. An attacker can craft a .reg file in a specific location to write to any registry key as an elevated user. Additionally, the Inventory module of the 1E Client does not handle an unquoted path when executing a specific executable, potentially allowing attackers to gain elevated privileges by placing a malicious file in a temporary directory.

Recommendations For 1E Client version 4.1.0.267, consider disabling the repair option in the MSI installer until a patch is available. For 1E Client version 5.0.0.745, restrict access to the Inventory module to minimize the risk of exploitation, and avoid executing the Tachyon.Performance.Metrics.exe file from untrusted locations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.