Vulnerability Details CVE-2020-8895
Untrusted Search Path vulnerability in the windows installer of Google Earth Pro versions prior to 7.3.3 allows an attacker to insert malicious local files to execute unauthenticated remote code on the targeted system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.4
References
Products affected by CVE-2020-8895
-
cpe:2.3:a:google:earth:5.0
-
cpe:2.3:a:google:earth:5.0.1
-
cpe:2.3:a:google:earth:5.1
-
cpe:2.3:a:google:earth:6.0.2
-
cpe:2.3:a:google:earth:6.1
-
cpe:2.3:a:google:earth:6.2
-
cpe:2.3:a:google:earth:7.0
-
cpe:2.3:a:google:earth:7.0.2
-
cpe:2.3:a:google:earth:7.0.3.8542
-
cpe:2.3:a:google:earth:7.1.1.1580
-
cpe:2.3:a:google:earth:7.1.1.1871
-
cpe:2.3:a:google:earth:7.1.1.1888
-
cpe:2.3:a:google:earth:7.1.2.2041
-
cpe:2.3:a:google:earth:7.1.4.1529
-
cpe:2.3:a:google:earth:7.1.5.1557
-
cpe:2.3:a:google:earth:7.1.7.2600
-
cpe:2.3:a:google:earth:7.1.7.2602
-
cpe:2.3:a:google:earth:7.1.7.2606
-
cpe:2.3:a:google:earth:7.1.8.3036
-
cpe:2.3:a:google:earth:7.3.0
-
cpe:2.3:a:google:earth:7.3.1
-
cpe:2.3:a:google:earth:7.3.2