VYPR

Boxstarter installer

by Boxstarter

CVEs (1)

  • CVE-2020-15264HigOct 20, 2020
    risk 0.00cvss 8.0epss 0.01

    The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a…