Vulnerability Details CVE-2020-15349
BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2020-15349
-
cpe:2.3:a:binarynights:forklift:3.0
-
cpe:2.3:a:binarynights:forklift:3.0.1
-
cpe:2.3:a:binarynights:forklift:3.0.2
-
cpe:2.3:a:binarynights:forklift:3.0.3
-
cpe:2.3:a:binarynights:forklift:3.0.4
-
cpe:2.3:a:binarynights:forklift:3.0.5
-
cpe:2.3:a:binarynights:forklift:3.0.6
-
cpe:2.3:a:binarynights:forklift:3.0.7
-
cpe:2.3:a:binarynights:forklift:3.0.8
-
cpe:2.3:a:binarynights:forklift:3.0.9
-
cpe:2.3:a:binarynights:forklift:3.1
-
cpe:2.3:a:binarynights:forklift:3.1.1
-
cpe:2.3:a:binarynights:forklift:3.1.2
-
cpe:2.3:a:binarynights:forklift:3.2
-
cpe:2.3:a:binarynights:forklift:3.2.1
-
cpe:2.3:a:binarynights:forklift:3.2.2
-
cpe:2.3:a:binarynights:forklift:3.2.3
-
cpe:2.3:a:binarynights:forklift:3.2.4
-
cpe:2.3:a:binarynights:forklift:3.2.5
-
cpe:2.3:a:binarynights:forklift:3.2.6
-
cpe:2.3:a:binarynights:forklift:3.2.7
-
cpe:2.3:a:binarynights:forklift:3.2.8
-
cpe:2.3:a:binarynights:forklift:3.2.9
-
cpe:2.3:a:binarynights:forklift:3.3
-
cpe:2.3:a:binarynights:forklift:3.3.1
-
cpe:2.3:a:binarynights:forklift:3.3.2
-
cpe:2.3:a:binarynights:forklift:3.3.3
-
cpe:2.3:a:binarynights:forklift:3.3.4
-
cpe:2.3:a:binarynights:forklift:3.3.5
-
cpe:2.3:a:binarynights:forklift:3.3.6
-
cpe:2.3:a:binarynights:forklift:3.3.7
-
cpe:2.3:a:binarynights:forklift:3.3.8
-
cpe:2.3:a:binarynights:forklift:3.3.9