Insecure Permissions in Akeo Consulting Rufus 3.0 and Earlier: Arbitrary Code Execution with Privilege Escalation

Insecure Permissions in Akeo Consulting Rufus 3.0 and Earlier: Arbitrary Code Execution with Privilege Escalation

CVE-2019-1010101 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is: arbitrary code execution with escalation of privilege. The component is: Executable installer, portable executable (ALL executables available). The attack vector is: CWE-29, CWE-377, CWE-379.

Learn more about our Web Application Penetration Testing UK.