CVE-2020-13770

CVE-2020-13770

Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITYSYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITYNETWORK SERVICE’).

Source: CVE-2020-13770

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다