CVE-2020-11081
10.07.2020, 19:15
osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll DLL, which osquery will attempt to load. Since osquery runs with elevated privileges this enables local escalation. This is fixed in version 4.4.0.Enginsight
Vendor | Product | Version |
---|---|---|
linuxfoundation | osquery | 𝑥 < 4.4.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-114 - Process ControlExecuting commands or loading libraries from an untrusted source or in an untrusted environment can cause an application to execute malicious commands (and payloads) on behalf of an attacker.
- CWE-426 - Untrusted Search PathThe application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.
References