The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories (where they would not normally have access to create or modify files) via the creation of a junction point to a system directory. This leads to partial privilege escalation.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-12-29T20:08:52

Updated: 2024-08-04T16:18:45.566Z

Reserved: 2020-10-22T00:00:00

Link: CVE-2020-27643

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-12-29T21:15:13.163

Modified: 2024-11-21T05:21:34.570

Link: CVE-2020-27643

cve-icon Redhat

No data.