CVE-2020-10553

EUVD-2020-3005
An issue was discovered in Psyprax before 3.2.2. The file %PROGRAMDATA%\Psyprax32\PPScreen.ini contains a hash for the lockscreen (aka screensaver) of the application. If that entry is removed, the lockscreen is no longer displayed and the app is no longer locked. All local users are able to modify that file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
psypraxpsyprax
𝑥
< 3.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax
https://www.x41-dsec.de/lab/advisories/x41-2020-002-psyprax