// For flags

CVE-2020-1991

Traps: Insecure temporary file vulnerability may allow privilege escalation on Windows

Severity Score

7.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.

Una vulnerabilidad de archivo temporal no seguro en Palo Alto Networks Traps, permite a un usuario de Windows autenticado local escalar privilegios o sobrescribir archivos del sistema. Este problema afecta a Palo Alto Networks Traps versiones 5.0 anteriores a 5.0.8; versiones 6.1 anteriores a 6.1.4 en Windows. Este problema no afecta a Cortex XDR versiĆ³n 7.0. Este problema no afecta a Traps para Linux o MacOS.

*Credits: Palo Alto Networks thanks Lasse Trolle Borup of Danish Cyber Defence for discovering and reporting this issue.
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-12-04 CVE Reserved
  • 2020-04-08 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-269: Improper Privilege Management
  • CWE-377: Insecure Temporary File
CAPEC
References (1)
URL Tag Source
URL Date SRC
URL Date SRC
URL Date SRC
https://security.paloaltonetworks.com/CVE-2020-1991 2020-04-10
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Paloaltonetworks
Search vendor "Paloaltonetworks"
 Traps
Search vendor "Paloaltonetworks" for product "Traps"
 >= 5.0 < 5.0.8
Search vendor "Paloaltonetworks" for product "Traps" and version " >= 5.0 < 5.0.8"
-
Affected
in Microsoft
Search vendor "Microsoft"
 Windows
Search vendor "Microsoft" for product "Windows"
--
Safe
Paloaltonetworks
Search vendor "Paloaltonetworks"
 Traps
Search vendor "Paloaltonetworks" for product "Traps"
 >= 6.1 < 6.1.4
Search vendor "Paloaltonetworks" for product "Traps" and version " >= 6.1 < 6.1.4"
-
Affected
in Microsoft
Search vendor "Microsoft"
 Windows
Search vendor "Microsoft" for product "Windows"
--
Safe