CVE-2020-27644

Name of the Vulnerable Software and Affected Versions 1E Client version 5.0.0.745

Description The Inventory module of the 1E Client does not handle an unquoted path when executing %PROGRAMFILES%1EClientTachyon.Performance.Metrics.exe. This may allow remote authenticated users and local users to gain elevated privileges by placing a malicious cryptbase.dll file in %WINDIR%Temp.

Recommendations For 1E Client version 5.0.0.745, consider restricting access to the Inventory module until a patch is available. As a temporary workaround, avoid executing %PROGRAMFILES%1EClientTachyon.Performance.Metrics.exe with an unquoted path to minimize the risk of exploitation.