CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-13534

A privilege escalation vulnerability exists in Dream Report 5 R20-2. COM Class Identifiers (CLSID), installed by Dream Report 5 20-2, reference LocalServer32 and InprocServer32 with weak privileges which can lead to privilege escalation when used. An attacker can provide a malicious file to trigger this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.4%

CVSS Severity

CVSS v3 Score 9.3

CVSS v2 Score 6.8

References

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1146
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1146

Products affected by CVE-2020-13534

Dreamreport » Dream Report » Version: 5_r20-2

cpe:2.3:a:dreamreport:dream_report:5_r20-2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-13534

Products

Pricing

Contact Us