CVE-2014-8419

EUVD-2014-8256
Wibu-Systems CodeMeter Runtime before 5.20 uses weak permissions (read and write access for all users) for codemeter.exe, which allows local users to gain privileges via a Trojan horse file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 9%
Affected Products (NVD)
VendorProductVersion
wibucodemeter_runtime
𝑥
≤ 5.10c
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/129234/CodeMeter-Weak-Service-Permissions.html
http://www.securityfocus.com/archive/1/534079/100/0/threaded
http://packetstormsecurity.com/files/129234/CodeMeter-Weak-Service-Permissions.html
http://www.securityfocus.com/archive/1/534079/100/0/threaded