RSS   Vulnerabilities for 'Xlreporter'   RSS

2021-02-19
 
CVE-2020-13549

CWE-269
 

 
An exploitable local privilege elevation vulnerability exists in the file system permissions of Sytech XL Reporter v14.0.1 install directory. Depending on the vector chosen, an attacker can overwrite service executables and execute arbitrary code with privileges of user set to run the service or replace other files within the installation folder, which would allow for local privilege escalation.

 


Copyright 2021, cxsecurity.com

 

Back to Top