CVE-2020-24562 - OpenCVE

A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This CVE is similar, but not identical to CVE-2020-24556.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Windows
Trendmicro	Officescan

Configuration 1 [-]

AND

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:*

No data.

References

Link	Providers
https://success.trendmicro.com/solution/000263633
https://www.zerodayinitiative.com/advisories/ZDI-20-1226/

History

No history.

MITRE

Status: PUBLISHED

Assigner: trendmicro

Published: 2020-09-28T23:30:41

Updated: 2024-08-04T15:19:07.370Z

Reserved: 2020-08-20T00:00:00

Link: CVE-2020-24562

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-09-29T00:15:12.190

Modified: 2021-07-21T11:39:23.747

Link: CVE-2020-24562

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Trend Micro OfficeScan", "vendor": "Trend Micro", "versions": [{"status": "affected", "version": "XG SP1"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This CVE is similar, but not identical to CVE-2020-24556."}], "problemTypes": [{"descriptions": [{"description": "Hard Link Priv Escalation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-28T23:30:41", "orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "shortName": "trendmicro"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://success.trendmicro.com/solution/000263633"}, {"tags": ["x_refsource_MISC"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1226/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@trendmicro.com", "ID": "CVE-2020-24562", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Trend Micro OfficeScan", "version": {"version_data": [{"version_value": "XG SP1"}]}}]}, "vendor_name": "Trend Micro"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This CVE is similar, but not identical to CVE-2020-24556."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Hard Link Priv Escalation"}]}]}, "references": {"reference_data": [{"name": "https://success.trendmicro.com/solution/000263633", "refsource": "MISC", "url": "https://success.trendmicro.com/solution/000263633"}, {"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1226/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1226/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:19:07.370Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://success.trendmicro.com/solution/000263633"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1226/"}]}]}, "cveMetadata": {"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272", "assignerShortName": "trendmicro", "cveId": "CVE-2020-24562", "datePublished": "2020-09-28T23:30:41", "dateReserved": "2020-08-20T00:00:00", "dateUpdated": "2024-08-04T15:19:07.370Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:trendmicro:officescan:xg:sp1:*:*:*:*:*:*", "matchCriteriaId": "64600B42-4884-41F2-A683-AE1EDB79372E", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This CVE is similar, but not identical to CVE-2020-24556."}, {"lang": "es", "value": "Una vulnerabilidad en Trend Micro OfficeScan XG SP1 en Microsoft Windows, puede permitir a un atacante crear un enlace f\u00edsico hacia cualquier archivo del sistema, que luego podr\u00eda ser manipulado para obtener una escalada de privilegios y una ejecuci\u00f3n de c\u00f3digo. Un atacante debe primero obtener la capacidad de ejecutar c\u00f3digo poco privilegiado en el sistema objetivo para explotar esta vulnerabilidad. Este CVE es similar, pero no id\u00e9ntico a CVE-2020-24556"}], "id": "CVE-2020-24562", "lastModified": "2021-07-21T11:39:23.747", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-29T00:15:12.190", "references": [{"source": "security@trendmicro.com", "tags": ["Vendor Advisory"], "url": "https://success.trendmicro.com/solution/000263633"}, {"source": "security@trendmicro.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1226/"}], "sourceIdentifier": "security@trendmicro.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Primary"}]}