mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 11:06:19 +00:00
1.1 KiB
1.1 KiB
CVE-2020-12798
Description
Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based Authentication option of the Wireless Network Connection screen.
POC
Reference
- http://packetstormsecurity.com/files/157715/Cellebrite-UFED-7.5.0.845-Desktop-Escape-Privilege-Escalation.html
- http://packetstormsecurity.com/files/157715/Cellebrite-UFED-7.5.0.845-Desktop-Escape-Privilege-Escalation.html
- https://korelogic.com/Resources/Advisories/KL-001-2020-002.txt
- https://korelogic.com/Resources/Advisories/KL-001-2020-002.txt
- https://twitter.com/thatguylevel
- https://twitter.com/thatguylevel
Github
No PoCs found on GitHub currently.