CVE-2020-9292

Critical

An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the…

fortinet·CWE-428·Published 2020-06-04

CVSS

9.8

EPSS

0.02

KEV

Exploits

cve.orgen

171 chars

An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.

NVDen

171 chars

An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.

Una vulnerabilidad de la ruta de servicio sin comillas en el componente FortiSIEM Windows Agent puede permitir a un atacante alcanzar privilegios elevados por medio de la ruta de servicio del ejecutable AoWinAgt

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H