// For flags

CVE-2020-1986

Secdo: Local authenticated users can cause Windows system crash

Severity Score

5.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Improper input validation vulnerability in Secdo allows an authenticated local user with 'create folders or append data' access to the root of the OS disk (C:\) to cause a system crash on every login. This issue affects all versions Secdo for Windows.

Una vulnerabilidad de comprobaciĆ³n de entrada incorrecta en Secdo, permite que un usuario local autenticado con acceso para "create folders or append data" en la root del disco del Sistema Operativo (C:\) para causar un bloqueo del sistema en cada inicio de sesiĆ³n. Este problema afecta a todas las versiones de Secdo para Windows.

*Credits: We like to thank Eviatar Gerzi of CyberArk Labs Team for discovering and reporting this issue.
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-12-04 CVE Reserved
  • 2020-04-08 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-16 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://security.paloaltonetworks.com/CVE-2020-1986 2020-04-10
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Paloaltonetworks
Search vendor "Paloaltonetworks"
 Secdo
Search vendor "Paloaltonetworks" for product "Secdo"
*-
Affected
in Microsoft
Search vendor "Microsoft"
 Windows
Search vendor "Microsoft" for product "Windows"
--
Safe