CVE-2020-28175

There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52. Attackers can use constructed programs to increase user privileges
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 18%
VendorProductVersion
almicospeedfan
4.52
𝑥
= Vulnerable software versions
References
http://www.almico.com/speedfan.php
https://github.com/y5s5k5/CVE-2020-28175
https://github.com/y5s5k5/exp/blob/main/exp
http://www.almico.com/speedfan.php
https://github.com/y5s5k5/CVE-2020-28175
https://github.com/y5s5k5/exp/blob/main/exp