CVE-2020-3427

Name of the Vulnerable Software and Affected Versions Windows Logon versions prior to 4.1.2

Description The issue allows an attacker with local user privileges to manipulate the installer into writing to arbitrary privileged directories by not properly validating file installation paths. This can lead to Denial of Service (DoS) by deleting files or potentially achieving elevation of privileges by replacing system files. The exploitation is only possible during new installations while the installer is running.

Recommendations For versions prior to 4.1.2, update to version 4.1.2 to resolve the issue.