CVE-2020-12798
Cellebrite UFED 7.5.0.845 Desktop Escape / Privilege Escalation
Severity Score
7.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
2
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based Authentication option of the Wireless Network Connection screen.
Cellebrite UFED versiones 5.0 hasta 7.5.0.845, implementa políticas de sistema operativo local que pueden ser evitadas para obtener un símbolo del sistema por medio del cuadro de diálogo de archivos de Windows que es accesible mediante la opción Certificate-Based Authentication de la pantalla Wireless Network Connection.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-05-12 CVE Reserved
- 2020-05-14 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-269: Improper Privilege Management
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| https://github.com/thatguylevel | Third Party Advisory | |
| https://korelogic.com/advisories.html | Third Party Advisory | |
| https://twitter.com/thatguylevel | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Sun-denshi Search vendor "Sun-denshi" | Universal Forensic Extraction Device Firmware Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Firmware" | >= 5.0 <= 7.5.0.845 Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Firmware" and version " >= 5.0 <= 7.5.0.845" | - |
Affected
| in | Sun-denshi Search vendor "Sun-denshi" | Universal Forensic Extraction Device Ruggedized Panasonic Laptop Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Ruggedized Panasonic Laptop" | - | - |
Safe
|
| Sun-denshi Search vendor "Sun-denshi" | Universal Forensic Extraction Device Firmware Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Firmware" | >= 5.0 <= 7.5.0.845 Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Firmware" and version " >= 5.0 <= 7.5.0.845" | - |
Affected
| in | Sun-denshi Search vendor "Sun-denshi" | Universal Forensic Extraction Device Touch 2 Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Touch 2" | - | - |
Safe
|
| Sun-denshi Search vendor "Sun-denshi" | Universal Forensic Extraction Device Firmware Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Firmware" | >= 5.0 <= 7.5.0.845 Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Firmware" and version " >= 5.0 <= 7.5.0.845" | - |
Affected
| in | Sun-denshi Search vendor "Sun-denshi" | Universal Forensic Extraction Device Touch 2 Ruggedized Search vendor "Sun-denshi" for product "Universal Forensic Extraction Device Touch 2 Ruggedized" | - | - |
Safe
|