Vulnerability Details CVE-2020-11613
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can replace binaries or plant malicious DLLs to obtain elevated, or different, privileges, depending on the context of the user that runs the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.4
References
Products affected by CVE-2020-11613
-
cpe:2.3:a:mids'_reborn_hero_designer_project:mids'_reborn_hero_designer:2.6.0.7