CVE-2020-1985 : What You Need to Know

This CVE pertains to an issue in Secdo where incorrect default permissions allow local authenticated users to overwrite system files and gain escalated privileges.

Understanding CVE-2020-1985

This vulnerability affects all versions of Secdo for Windows and was initially published on April 8, 2020.

What is CVE-2020-1985?

The CVE-2020-1985 vulnerability in Secdo arises from incorrect default permissions on the C:\Programdata\Secdo\Logs folder, enabling local authenticated users to compromise system integrity and confidentiality.

The Impact of CVE-2020-1985

The impact of this vulnerability is rated as HIGH, with a CVSS base score of 7.8, indicating significant risk to system availability, confidentiality, and integrity.

Technical Details of CVE-2020-1985

This section provides a deeper insight into the technical aspects of the CVE.

Vulnerability Description

The vulnerability results from incorrect default permissions on the Secdo folder, enabling unauthorized system file tampering by local authenticated users.

Affected Systems and Versions

Platform: Windows
Product: Secdo
Versions: All versions of Secdo for Windows.

Exploitation Mechanism

The vulnerability allows local authenticated users to overwrite critical system files by exploiting the improper permissions on the Secdo folder.

Mitigation and Prevention

Protecting systems from CVE-2020-1985 requires a proactive approach to security.

Immediate Steps to Take

Change permissions on C:\Programdata\Secdo\Logs to disallow access by unprivileged users.

Long-Term Security Practices

Implement least privilege access controls to limit user permissions.
Regularly monitor and audit permissions on critical system folders.

Patching and Updates

Since the product is no longer supported, applying the workaround of changing folder permissions is critical to mitigate the vulnerability.