Unrated severityNVD Advisory· Published Dec 29, 2020· Updated Aug 4, 2024
CVE-2020-27643
CVE-2020-27643
Description
The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories (where they would not normally have access to create or modify files) via the creation of a junction point to a system directory. This leads to partial privilege escalation.
Affected products
2- 1E/1E Clientdescription
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.