CVE Published: 26/05/2020 |
CVE Updated: 04/08/2024 |
CVE Year: 2020 Source: jci |
Vendor: Johnson Controls |
Product: Kantech EntraPass Security Management Software Special Edition versions 8.22 and prior Status : PUBLISHED
CVE-2020-9046 Description
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.
Metrics
CVSS Version: 3.1 |
Base Score: 8.8 HIGH Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H