Vulnerability Description
ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. A sophisticated timed attacker can replace those files with malicious or linked content, for example by exploiting CVE-2020-0896 on unpatched systems or by using symbolic links. This allows an unprivileged user with local access to escalate privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Checkpoint | Zonealarm Anti-Ransomware | < 1.0.713 |
Related Weaknesses (CWE)
References
- https://danishcyberdefence.dk/blog/zonealarm-check-point (Third Party Advisory)
- https://www.zonealarm.com/anti-ransomware/release-history (Release Notes, Vendor Advisory)
- https://www.zonealarm.com/software/extreme-security/release-history (Release Notes, Vendor Advisory)
FAQ
What is CVE-2020-6012?
CVE-2020-6012 is a vulnerability with a CVSS score of 7.4 (HIGH). ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. A sophisticated timed attacker can replace those files with malicious or linked conte...
How severe is CVE-2020-6012?
CVE-2020-6012 has been rated HIGH with a CVSS base score of 7.4/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2020-6012?
Check the references section above for vendor advisories and patch information. Affected products include: Checkpoint Zonealarm Anti-Ransomware.