CVE-2020-10553

Name of the Vulnerable Software and Affected Versions Psyprax versions prior to 3.2.2

Description An issue was discovered where the file %PROGRAMDATA%Psyprax32PPScreen.ini contains a hash for the lockscreen of the application. If this entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify this file.

Recommendations For versions prior to 3.2.2, update to version 3.2.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the %PROGRAMDATA%Psyprax32PPScreen.ini file to prevent local users from modifying it.