Security Advisory

CVE-2020-15396

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-30 11:17:21

Last updated 2024-08-04 13:15:20

Assigner mitre

State PUBLISHED

Description

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.

← Browse all CVEs View on cve.org ↗