CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15351

IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. In addition, the program installs a service called IDriveService that runs as LocalSystem. Thus, any standard user can escalate privileges to NT AUTHORITY\SYSTEM by substituting the service's binary with a malicious one.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 6.3%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

Products affected by CVE-2020-15351

Idrive » Idrive » Version: 6.7.1.30

cpe:2.3:a:idrive:idrive:6.7.1.30
Idrive » Idrive » Version: 6.7.1.31

cpe:2.3:a:idrive:idrive:6.7.1.31
Idrive » Idrive » Version: 6.7.1.32

cpe:2.3:a:idrive:idrive:6.7.1.32
Idrive » Idrive » Version: 6.7.1.33

cpe:2.3:a:idrive:idrive:6.7.1.33
Idrive » Idrive » Version: 6.7.1.34

cpe:2.3:a:idrive:idrive:6.7.1.34
Idrive » Idrive » Version: 6.7.1.35

cpe:2.3:a:idrive:idrive:6.7.1.35
Idrive » Idrive » Version: 6.7.1.36

cpe:2.3:a:idrive:idrive:6.7.1.36
Idrive » Idrive » Version: 6.7.1.37

cpe:2.3:a:idrive:idrive:6.7.1.37
Idrive » Idrive » Version: 6.7.1.38

cpe:2.3:a:idrive:idrive:6.7.1.38
Idrive » Idrive » Version: 6.7.1.39

cpe:2.3:a:idrive:idrive:6.7.1.39
Idrive » Idrive » Version: 6.7.1.40

cpe:2.3:a:idrive:idrive:6.7.1.40
Idrive » Idrive » Version: 6.7.1.41

cpe:2.3:a:idrive:idrive:6.7.1.41
Idrive » Idrive » Version: 6.7.1.42

cpe:2.3:a:idrive:idrive:6.7.1.42
Idrive » Idrive » Version: 6.7.1.43

cpe:2.3:a:idrive:idrive:6.7.1.43
Idrive » Idrive » Version: 6.7.1.44

cpe:2.3:a:idrive:idrive:6.7.1.44
Idrive » Idrive » Version: 6.7.1.45

cpe:2.3:a:idrive:idrive:6.7.1.45
Idrive » Idrive » Version: 6.7.1.46

cpe:2.3:a:idrive:idrive:6.7.1.46
Idrive » Idrive » Version: 6.7.1.47

cpe:2.3:a:idrive:idrive:6.7.1.47
Idrive » Idrive » Version: 6.7.1.48

cpe:2.3:a:idrive:idrive:6.7.1.48
Idrive » Idrive » Version: 6.7.1.49

cpe:2.3:a:idrive:idrive:6.7.1.49
Idrive » Idrive » Version: 6.7.1.50

cpe:2.3:a:idrive:idrive:6.7.1.50
Idrive » Idrive » Version: 6.7.1.51

cpe:2.3:a:idrive:idrive:6.7.1.51
Idrive » Idrive » Version: 6.7.1.52

cpe:2.3:a:idrive:idrive:6.7.1.52
Idrive » Idrive » Version: 6.7.1.53

cpe:2.3:a:idrive:idrive:6.7.1.53
Idrive » Idrive » Version: 6.7.1.54

cpe:2.3:a:idrive:idrive:6.7.1.54
Idrive » Idrive » Version: 6.7.1.55

cpe:2.3:a:idrive:idrive:6.7.1.55
Idrive » Idrive » Version: 6.7.1.56

cpe:2.3:a:idrive:idrive:6.7.1.56
Idrive » Idrive » Version: 6.7.1.57

cpe:2.3:a:idrive:idrive:6.7.1.57
Idrive » Idrive » Version: 6.7.1.58

cpe:2.3:a:idrive:idrive:6.7.1.58
Idrive » Idrive » Version: 6.7.2.0

cpe:2.3:a:idrive:idrive:6.7.2.0
Idrive » Idrive » Version: 6.7.2.1

cpe:2.3:a:idrive:idrive:6.7.2.1
Idrive » Idrive » Version: 6.7.3.0

cpe:2.3:a:idrive:idrive:6.7.3.0
Idrive » Idrive » Version: 6.7.3.1

cpe:2.3:a:idrive:idrive:6.7.3.1
Idrive » Idrive » Version: 6.7.3.10

cpe:2.3:a:idrive:idrive:6.7.3.10
Idrive » Idrive » Version: 6.7.3.11

cpe:2.3:a:idrive:idrive:6.7.3.11
Idrive » Idrive » Version: 6.7.3.12

cpe:2.3:a:idrive:idrive:6.7.3.12
Idrive » Idrive » Version: 6.7.3.13

cpe:2.3:a:idrive:idrive:6.7.3.13
Idrive » Idrive » Version: 6.7.3.14

cpe:2.3:a:idrive:idrive:6.7.3.14
Idrive » Idrive » Version: 6.7.3.15

cpe:2.3:a:idrive:idrive:6.7.3.15
Idrive » Idrive » Version: 6.7.3.16

cpe:2.3:a:idrive:idrive:6.7.3.16
Idrive » Idrive » Version: 6.7.3.17

cpe:2.3:a:idrive:idrive:6.7.3.17
Idrive » Idrive » Version: 6.7.3.18

cpe:2.3:a:idrive:idrive:6.7.3.18
Idrive » Idrive » Version: 6.7.3.2

cpe:2.3:a:idrive:idrive:6.7.3.2
Idrive » Idrive » Version: 6.7.3.3

cpe:2.3:a:idrive:idrive:6.7.3.3
Idrive » Idrive » Version: 6.7.3.4

cpe:2.3:a:idrive:idrive:6.7.3.4
Idrive » Idrive » Version: 6.7.3.5

cpe:2.3:a:idrive:idrive:6.7.3.5
Idrive » Idrive » Version: 6.7.3.6

cpe:2.3:a:idrive:idrive:6.7.3.6
Idrive » Idrive » Version: 6.7.3.7

cpe:2.3:a:idrive:idrive:6.7.3.7
Idrive » Idrive » Version: 6.7.3.8

cpe:2.3:a:idrive:idrive:6.7.3.8
Idrive » Idrive » Version: 6.7.3.9

cpe:2.3:a:idrive:idrive:6.7.3.9
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-15351

Products

Pricing

Contact Us