CVE-2020-24567

Name of the Vulnerable Software and Affected Versions voidtools Everything versions prior to 1.4.1 Beta Nightly 2020-08-18

Description The issue allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. This is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuration error.

Recommendations For versions prior to 1.4.1 Beta Nightly 2020-08-18, update to version 1.4.1 Beta Nightly 2020-08-18 or later to resolve the issue. As a temporary workaround, consider restricting write access to the installation directory to prevent low-privileged users from exploiting this issue.