Vulnerabilities (CVE)

Filtered by vendor Utimaco Subscribe
Filtered by product Paymentserver Firmware
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-26155 2 Microsoft, Utimaco 7 Windows, Block-safe Firmware, Cryptoserver Cp5 Firmware and 4 more 2024-11-21 4.4 MEDIUM 7.8 HIGH
Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with Read/Write permissions for authenticated users, which allows for binaries to be manipulated by non-administrator users. Additionally, entries are made to the PATH environment variable which, in conjunction with these weak permissions, could enable an attacker to perform a DLL hijacking attack.