PT-2020-16742 · 1E · 1E Client

Published 2020-12-29 · Updated 2021-07-21 · CVE-2020-27643

CVSS v3.1: 6.5 Medium

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

1E Client versions 4.1.0.267 through 5.0.0.745

Description

The issue allows remote authenticated users and local users to create and modify files in protected directories, leading to partial privilege escalation. This is achieved by creating a junction point to a system directory. Additionally, the Inventory module of the 1E Client does not handle an unquoted path when executing a specific executable, potentially allowing remote authenticated users and local users to gain elevated privileges by placing a malicious file in a specific temporary directory.

Recommendations

For 1E Client version 4.1.0.267, update to a version that fixes the issue. For 1E Client version 5.0.0.745, update to a version that fixes the issue. As a temporary workaround, consider restricting access to the Tachyon.Performance.Metrics.exe executable and the %PROGRAMDATA%\1E\Client directory to minimize the risk of exploitation. Avoid using unquoted paths when executing system executables until the issue is resolved.
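
To check whether the workaround is in place on a host, the following read-only audit lists non-administrative write access and existing junctions under the client directory. It is an added example, not code from 1E or from this advisory. It assumes the directory is %PROGRAMDATA%\1E\Client, that Tachyon.Performance.Metrics.exe resides in it, and that only the built-in principals in the allow-list should hold write access.

```powershell
# Added example: read-only audit for the workaround described above.
# Assumptions: default directory location, executable located inside it,
# and the allow-list of trusted SIDs below.
$Root = Join-Path $env:ProgramData '1E\Client'
$Exe  = Join-Path $Root 'Tachyon.Performance.Metrics.exe'

$TrustedSids = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-3-0'        # CREATOR OWNER (inherit-only template entry)
)

# Rights that let a principal create, replace or re-permission content,
# plus the raw GENERIC_WRITE / GENERIC_ALL bits seen on inherit-only ACEs.
$WriteMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, ChangePermissions, TakeOwnership' -bor
             0x40000000 -bor 0x10000000

function Get-UntrustedWriteAce {
    param([Parameter(Mandatory)][string]$Path)
    $acl = Get-Acl -LiteralPath $Path
    # Resolve identities to SIDs so the check does not depend on OS language.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($ace in $rules) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -eq 'Allow' -and
            $TrustedSids -notcontains $sid -and
            ([int]$ace.FileSystemRights -band $WriteMask) -ne 0) {
            [pscustomobject]@{ Path = $Path; Sid = $sid; Rights = $ace.FileSystemRights }
        }
    }
}

if (-not (Test-Path -LiteralPath $Root)) { Write-Output "Not found: $Root"; return }

# 1. Principals outside the allow-list that can write to the directory or executable.
Get-UntrustedWriteAce -Path $Root
if (Test-Path -LiteralPath $Exe) { Get-UntrustedWriteAce -Path $Exe }

# 2. Junctions or symbolic links: the directory itself, then anything beneath it.
$rootItem = Get-Item -LiteralPath $Root -Force
if ($rootItem.Attributes -band [System.IO.FileAttributes]::ReparsePoint) {
    $rootItem | Select-Object FullName, LinkType, Target
}
Get-ChildItem -LiteralPath $Root -Recurse -Force -Attributes ReparsePoint -ErrorAction SilentlyContinue |
    Select-Object FullName, LinkType, Target
```

No output means no write access outside the allow-list and no reparse points were found; any row returned is a location to review before relying on the workaround.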

Fix

Link Following

Weakness Enumeration

Related Identifiers

CVE-2020-27643

Affected Products

1E Client