Home > Vulnerability Database > CVE-2020-15264

Mend.io Vulnerability Database

CVE-2020-15264

Date: October 20, 2020

The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looking for. For example, WptsExtensions.dll When Windows starts, it'll execute the code in DllMain() with SYSTEM privileges. Any unprivileged user can execute code with SYSTEM privileges. The issue is fixed in version 3.13.0

Language: SHELL

Severity Score

8.0

Related Resources (5)

Url: https://github.com/chocolatey/boxstarter/security/advisories/GHSA-rpgx-h675-r3jf

Url: https://www.kb.cert.org/vuls/id/208577

Url: https://github.com/chocolatey/boxstarter/commit/67e320491813550b48900e87105a34ceefdcf633

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-15264

Url: https://www.mend.io/vulnerability-database/CVE-2020-15264

Severity Score

8.0

Weakness Type (CWE)

Exposure of Resource to Wrong Sphere

CWE-668

External Control of File Name or Path

CWE-73

CVSS v3.1

Base Score:	8.0
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	7.2
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2020-15264

Date: October 20, 2020

Language: SHELL

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?