Thomson Reuters Eikon 4.0.42144 allows all local users to modify the service executable file because of weak %PROGRAMFILES(X86)%\Thomson Reuters\Eikon permissions.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/158989/Eikon-Thomson-Reuters-4.0.42144-File-Permissions.html | Exploit Third Party Advisory VDB Entry |
http://seclists.org/fulldisclosure/2020/Aug/19 | Exploit Mailing List Third Party Advisory |
https://sec-consult.com/en/blog/advisories/extensive-file-permissions-on-service-executable-in-eikon-thomson-reuters-cve-2019-10679/ | Third Party Advisory |
https://www.sec-consult.com/en/vulnerability-lab/advisories/index.html | Third Party Advisory |
https://www.thomsonreuters.com/en/products-services.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-03T14:40:25
Updated: 2020-09-03T14:40:54
Reserved: 2019-04-01T00:00:00
Link: CVE-2019-10679
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-09-03T15:15:11.190
Modified: 2020-09-11T14:27:59.323
Link: CVE-2019-10679
JSON object: View
Redhat Information
No data.
CWE