CVE-2020-10553

An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen (aka screensaver) of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify that file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
psypraxpsyprax
𝑥
< 3.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax