[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2020-15145Date: (C)2020-08-17   (M)2023-12-22


In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing `C:ProgramDataComposerSetupincomposer.bat` in order to get elevated command execution when composer is run by an administrator. 2. A local regular user may create a specially crafted dll in the `C:ProgramDataComposerSetupin` folder in order to get Local System privileges. See: https://itm4n.github.io/windows-server-netman-dll-hijacking. 3. If the directory of the php.exe selected by the user is not in the system path, it is added without checking that it is admin secured, as per Microsoft guidelines. See: https://msrc-blog.microsoft.com/2018/04/04/triaging-a-dll-planting-vulnerability.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : 8.2CVSS Score : 4.4
Exploit Score: 1.5Exploit Score: 3.4
Impact Score: 6.0Impact Score: 6.4
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: LOCALAccess Vector: LOCAL
Attack Complexity: LOWAccess Complexity: MEDIUM
Privileges Required: LOWAuthentication: NONE
User Interaction: REQUIREDConfidentiality: PARTIAL
Scope: CHANGEDIntegrity: PARTIAL
Confidentiality: HIGHAvailability: PARTIAL
Integrity: HIGH 
Availability: HIGH 
  
Reference:
https://github.com/composer/windows-setup/commit/ca9f1435d368e3377e82d60ef0c7b795afa9f804
https://github.com/composer/windows-setup/security/advisories/GHSA-wgrx-r3qv-332c

CWE    1
CWE-276

© SecPod Technologies