PT-2020-6894 · Qt Company+6 · Qt Library+6

Thiago Macieira

·

Published

2020-01-10

·

Updated

2024-06-15

·

CVE-2020-0570

CVSS v3.1

7.3

High

VectorAV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions QT Library versions prior to 5.14.0 QT Library versions prior to 5.12.7 QT Library versions prior to 5.9.10
Description The issue is related to an uncontrolled search path in the QT Library, which may allow an authenticated user to potentially enable elevation of privilege via local access. This vulnerability is associated with the use of an unreliable search path, and its exploitation can allow an attacker to elevate privileges in the system.
Recommendations For QT Library versions prior to 5.14.0, update to version 5.14.0 or later. For QT Library versions prior to 5.12.7, update to version 5.12.7 or later. For QT Library versions prior to 5.9.10, update to version 5.9.10 or later.

Exploit

Fix

LPE

Untrusted Search Path

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-426

Related Identifiers

ALSA-2020:4690
ALT-PU-2020-1143
ALT-PU-2020-1170
ALT-PU-2020-1267
ALT-PU-2020-1268
ALT-PU-2020-1269
ALT-PU-2020-1270
ALT-PU-2020-1271
ALT-PU-2020-1272
ALT-PU-2020-1273
ALT-PU-2020-1274
ALT-PU-2020-1275
ALT-PU-2020-1276
ALT-PU-2020-1277
ALT-PU-2020-1278
ALT-PU-2020-1279
ALT-PU-2020-1280
ALT-PU-2020-1281
ALT-PU-2020-1282
ALT-PU-2020-1283
ALT-PU-2020-1284
ALT-PU-2020-1285
ALT-PU-2020-1286
ALT-PU-2020-1287
ALT-PU-2020-1288
ALT-PU-2020-1289
ALT-PU-2020-1290
ALT-PU-2020-1291
ALT-PU-2020-1292
ALT-PU-2020-1293
ALT-PU-2020-1294
ALT-PU-2020-1295
ALT-PU-2020-1296
ALT-PU-2020-1297
ALT-PU-2020-1298
ALT-PU-2020-1350
ALT-PU-2020-1351
ALT-PU-2020-1352
ALT-PU-2020-1353
ALT-PU-2020-1354
ALT-PU-2020-1355
ALT-PU-2020-1356
ALT-PU-2020-1357
ALT-PU-2020-1358
ALT-PU-2020-1359
ALT-PU-2020-1360
ALT-PU-2020-1361
ALT-PU-2020-1362
ALT-PU-2020-1363
ALT-PU-2020-1364
ALT-PU-2020-1365
ALT-PU-2020-1366
ALT-PU-2020-1367
ALT-PU-2020-1368
ALT-PU-2020-1369
ALT-PU-2020-1370
ALT-PU-2020-1371
ALT-PU-2020-1372
ALT-PU-2020-1373
ALT-PU-2020-1374
ALT-PU-2020-1375
ALT-PU-2020-1376
ALT-PU-2020-1377
ALT-PU-2020-1378
ALT-PU-2020-1379
ALT-PU-2020-1380
ALT-PU-2020-1381
ALT-PU-2020-1382
ALT-PU-2020-1556
AZL-6834
BDU:2023-05053
CESA-2020_4025
CESA-2020_4690
CVE-2020-0570
DSA-4617-1
MGASA-2020-0080
OPENSUSE-SU-2024:10975-1
RHSA-2020:4025
RHSA-2020:4690
RHSA-2020_4025
RHSA-2020_4690
RLSA-2020:4690
USN-4275-1

Affected Products

Alt Linux
Almalinux
Centos
Qt Library
Red Hat
Rocky Linux
Ubuntu