QwikSec

Security Database

CVE

CWE

Training

CVE-2020-12798

Published: May 15, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based Authentication option of the Wireless Network Connection screen.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://twitter.com/thatguylevel

x_refsource_MISC

https://korelogic.com/advisories.html

x_refsource_MISC

https://github.com/thatguylevel

x_refsource_MISC

http://packetstormsecurity.com/files/157715/Cellebrite-UFED-7.5.0.845-Desktop-Escape-Privilege-Escalation.html

x_refsource_MISC

https://korelogic.com/Resources/Advisories/KL-001-2020-002.txt

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.