A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions.
References
Link | Resource |
---|---|
https://github.com/nettitude/metasploit-modules | Product Third Party Advisory |
https://labs.nettitude.com/blog/cve-2020-14418-madcodehook-library-local-privilege-escalation/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-01-30T05:26:59
Updated: 2021-01-30T05:26:59
Reserved: 2020-06-18T00:00:00
Link: CVE-2020-14418
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-30T06:15:12.227
Modified: 2021-02-04T16:16:07.453
Link: CVE-2020-14418
JSON object: View
Redhat Information
No data.
CWE