PT-2020-16744 · 1E · 1E Client

Published 2020-12-29 · Updated 2021-01-04 · CVE-2020-27645

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

1E Client version 5.0.0.745

Description

The Inventory module of the 1E Client does not properly handle an unquoted path when executing Tachyon.Performance.Metrics.exe. This issue may allow remote authenticated users and local users to gain elevated privileges by placing a malicious cryptbase.dll file in the %WINDIR%\Temp directory.

Recommendations

For 1E Client version 5.0.0.745, consider restricting access to the Inventory module until a patch is available. As a temporary workaround, avoid executing Tachyon.Performance.Metrics.exe from unquoted paths to minimize the risk of exploitation.
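
A host check for the condition described above, added here as an example and not taken from the advisory or from 1E: it reports any cryptbase.dll found in %WINDIR%\Temp together with its owner, signature status and hash, and lists which principals may create files in that directory. The function names are hypothetical, and the check assumes the legitimate cryptbase.dll is only expected in the Windows system directories.

```powershell
# Added example (not from the advisory): hunt for a planted cryptbase.dll
# in %WINDIR%\Temp and show who is allowed to create files there.
# Assumption: the genuine cryptbase.dll belongs in the Windows system
# directories, so any copy under %WINDIR%\Temp warrants investigation.

function Get-PlantedDllReport {          # hypothetical helper name
    param(
        [Parameter(Mandatory)][string]$Directory,
        [Parameter(Mandatory)][string]$FileName
    )
    $path = Join-Path $Directory $FileName
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) { return $null }

    $item = Get-Item -LiteralPath $path -Force        # -Force also finds hidden files
    $sig  = Get-AuthenticodeSignature -LiteralPath $path
    [pscustomobject]@{
        Path            = $item.FullName
        SizeBytes       = $item.Length
        CreatedUtc      = $item.CreationTimeUtc
        ModifiedUtc     = $item.LastWriteTimeUtc
        Owner           = (Get-Acl -LiteralPath $path).Owner
        SignatureStatus = $sig.Status
        Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        Sha256          = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
    }
}

function Get-FileCreators {              # hypothetical helper name
    param([Parameter(Mandatory)][string]$Directory)
    $createFiles = [System.Security.AccessControl.FileSystemRights]::CreateFiles
    # Allow entries that include the right to create files in the directory.
    (Get-Acl -LiteralPath $Directory).Access |
        Where-Object { $_.AccessControlType -eq 'Allow' -and ($_.FileSystemRights -band $createFiles) } |
        Select-Object IdentityReference, FileSystemRights, IsInherited
}

$tempDir = Join-Path $env:WINDIR 'Temp'
$report  = Get-PlantedDllReport -Directory $tempDir -FileName 'cryptbase.dll'

if ($report) {
    Write-Warning "cryptbase.dll present in $tempDir; review owner, signature and hash:"
    $report | Format-List
} else {
    Write-Output "No cryptbase.dll found in $tempDir."
}

Write-Output "Principals allowed to create files in ${tempDir}:"
Get-FileCreators -Directory $tempDir | Format-Table -AutoSize
```

Run it from an elevated PowerShell session so the directory and its ACL can be read.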

Related Identifiers

CVE-2020-27645

Affected Products

1E Client