CVE-2020-4717
Description
An IBM SPSS Modeler Subscription installer flaw lets a user with create-symlink permission write arbitrary files to protected paths, enabling local privilege escalation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A vulnerability in the IBM SPSS Modeler Subscription Installer on Windows allows a user who has permission to create symbolic links to write arbitrary files into a protected path during product installation [1]. The issue affects all versions of SPSS Modeler Subscription prior to the 2021-March update [1].
Exploitation
An attacker needs local access to the system and the ability to create symbolic links. Before or during installation, the attacker plants a symbolic link at a path the installer is about to write, so the installer's file write is redirected to a location that would otherwise be protected. No authentication beyond a local account is required; the bug is triggered by a standard installation run [1]. On Windows, creating filesystem symbolic links requires the SeCreateSymbolicLinkPrivilege right, which by default is held only by Administrators (or by all users when Developer Mode is enabled), so which users can reach this bug depends on the host's configuration; the description does not say which link type the installer follows.
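The link-following pattern described above, shown on a constructed scenario. This is added example code, not IBM's installer and not taken from the cited advisory: it uses a temporary folder the current user owns to stand in for the "protected" path, plants a symbolic link in a staging directory, and shows that a naive write follows the link while a write that refuses pre-existing paths and creates with O_CREAT|O_EXCL (plus O_NOFOLLOW where the platform has it) does not. All function and file names are hypothetical. It runs as-is on Linux and macOS; on Windows, os.symlink needs the SeCreateSymbolicLinkPrivilege right or Developer Mode, which is the symlink-creation permission the advisory refers to.

```python
"""Installer link-following bug and a hardened write, on a constructed scenario.

An installer writes files into a staging directory that an unprivileged user
can also write to. The attacker pre-plants a symbolic link there so the
installer's write lands in a 'protected' path. Both directories here are
temporary folders owned by the current user; 'protected' merely stands in for
a location the attacker could not write to directly.
"""
import os
import stat
import tempfile
from pathlib import Path


def vulnerable_write(path: Path, payload: bytes) -> None:
    """Installer-style write that trusts the staging path: open() follows a
    symlink at `path`, so the payload ends up wherever the link points."""
    with open(path, "wb") as fh:
        fh.write(payload)


def hardened_write(path: Path, payload: bytes) -> None:
    """Write that refuses attacker-planted files.

    - lstat() the leaf: if anything already sits there, link or not, abort.
    - Create with O_CREAT|O_EXCL so a link planted between the check and the
      open still fails (O_EXCL rejects an existing symlink even if dangling).
    - Add O_NOFOLLOW where the platform offers it (no-op elsewhere).
    """
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        st = None
    if st is not None:
        kind = "symlink" if stat.S_ISLNK(st.st_mode) else "file"
        raise FileExistsError(f"refusing to write: {kind} already at {path}")
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, 0o600)
    try:
        os.write(fd, payload)
    finally:
        os.close(fd)


def run_scenario() -> dict:
    """Plant the link, run both writers, report what each did."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        protected = root / "protected"   # stands in for a path the user cannot write
        staging = root / "staging"       # installer's working directory, user-writable
        protected.mkdir()
        staging.mkdir()
        target = protected / "service.conf"
        target.write_bytes(b"original=1\n")

        # Attacker step: plant a link where the installer is known to write
        # 'settings.ini' (hypothetical file name).
        planted = staging / "settings.ini"
        os.symlink(target, planted)

        # Vulnerable installer: the write follows the link into 'protected'.
        vulnerable_write(planted, b"attacker=1\n")
        results["vulnerable_overwrote_target"] = target.read_bytes() == b"attacker=1\n"

        # Hardened installer: same planted link, write refused, target untouched.
        try:
            hardened_write(planted, b"installer=1\n")
            results["hardened_refused"] = False
        except FileExistsError:
            results["hardened_refused"] = True
        results["target_after_hardened"] = target.read_bytes()

        # The hardened writer still works on a path nobody pre-created.
        clean = staging / "fresh.ini"
        hardened_write(clean, b"installer=1\n")
        results["hardened_clean_ok"] = clean.read_bytes() == b"installer=1\n"
    return results


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value!r}")
```

The decisive control is O_CREAT|O_EXCL on the final open, not the lstat check: the check alone leaves a window in which the link can be planted, while O_EXCL makes the kernel refuse any pre-existing path, including a dangling symlink. An installer that must write into a directory other users can modify should also create that directory itself with restrictive permissions rather than reuse one it finds.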
Impact
Successful exploitation lets the attacker write arbitrary files into a protected path, potentially overwriting system or application files that run with elevated privileges and so escalating privileges locally. The CVSS v3.0 base score is 6.2, with high impact on integrity and none on confidentiality or availability (C:N/I:H/A:N) and no user interaction required [1]; with those impact metrics, a 6.2 score corresponds in the CVSS v3.0 calculator to a local, low-complexity attack with unchanged scope.
Mitigation
IBM has fixed the vulnerability in the SPSS Modeler Subscription 2021-March update. Users should upgrade to this or later versions. No known workarounds or mitigations exist for unpatched installations [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- IBM SPSS Modeler Subscription (range: Subscription)
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/187727 (IBM X-Force Exchange, x_refsource_XF)
- https://www.ibm.com/support/pages/node/6427901 (IBM Support security bulletin, x_refsource_CONFIRM)
News mentions
No linked articles in our index yet.