PT-2021-9622 · Unknown · Win-911 Enterprise

Published 2021-01-05 · Updated 2022-10-07 · CVE-2020-13540

CVSS v3.1: 9.3 Critical

Vector: AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Win-911 Enterprise version 4.20.13

Description

A local privilege elevation issue exists due to file system permissions in the install directory, specifically via the WIN-911 Account Change Utility. This allows an attacker to overwrite executables, potentially leading to privilege escalation when these executables are executed.

Recommendations

For Win-911 Enterprise version 4.20.13, consider restricting access to the WIN-911 Account Change Utility to minimize the risk of exploitation. Additionally, ensure that file system permissions are properly set to prevent unauthorized modifications to executables. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
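
One way to check the file system permissions the recommendation refers to, as an added example that is not part of the original advisory or the vendor's tooling. The `$InstallDir` parameter, the list of broad groups and the list of file extensions are assumptions of this example; the advisory does not give the install path.

```powershell
# Added example: list executables and folders that low-privileged groups can modify.
param(
    [Parameter(Mandatory = $true)]
    [string]$InstallDir   # assumption: operator-supplied install directory
)

# Well-known SIDs of broad groups (SIDs avoid localized group names).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Rights that allow replacing a file, planting one in a folder, or rewriting the ACL.
# The two hex values are GENERIC_ALL and GENERIC_WRITE, which can appear raw in ACEs.
$R = [System.Security.AccessControl.FileSystemRights]
$dangerous = [int]($R::WriteData -bor $R::AppendData -bor $R::Delete -bor
                   $R::ChangePermissions -bor $R::TakeOwnership) -bor 0x10000000 -bor 0x40000000

# Folders matter too: write access to a folder allows dropping a new binary into it.
$exts = '.exe', '.dll', '.sys', '.bat', '.cmd', '.ps1'
$targets = @(Get-Item -LiteralPath $InstallDir) +
           @(Get-ChildItem -LiteralPath $InstallDir -Recurse -Force -ErrorAction SilentlyContinue |
             Where-Object { $_.PSIsContainer -or $_.Extension -in $exts })

$findings = foreach ($item in $targets) {
    $acl = Get-Acl -LiteralPath $item.FullName
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow' -or -not $broadSids.ContainsKey($sid)) { continue }
        if (([int]$ace.FileSystemRights -band $dangerous) -eq 0) { continue }
        [pscustomobject]@{
            Path      = $item.FullName
            Principal = $broadSids[$sid]
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

$findings | Format-Table -AutoSize -Wrap
if ($findings) { exit 1 }   # non-zero exit so a scheduled check can alert
```

Run it from an elevated prompt so every ACL can be read. A correctly permissioned install produces no rows, and rows marked `Inherited` point to a parent folder whose ACL needs fixing.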

Exploit

Weakness Enumeration

Incorrect Default Permissions

Related Identifiers

CVE-2020-13540

Affected Products

Win-911 Enterprise