CVE-2020-6012

Name of the Vulnerable Software and Affected Versions ZoneAlarm Anti-Ransomware versions prior to 1.0.713

Description The issue allows a sophisticated timed attacker to replace files with malicious content, enabling an unprivileged user to escalate privileges via local access. This can be achieved by exploiting unpatched systems or using symbolic links.

Recommendations For versions prior to 1.0.713, update to version 1.0.713 or later to resolve the issue. As a temporary workaround, consider restricting access to the directory where files are copied for the report to minimize the risk of exploitation.