CVE-2020-13770
published 2020-11-12CVE-2020-13770: Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services…
PriorityP340high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.46%
36.6th percentile
Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITY\NETWORK SERVICE’).
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ivanti | endpoint_manager | <= 2020.1.1 | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-cwx2-6cm4-jr73: Several services are accessing named pipes in Ivanti Endpoint Manager through 2020
ghsa_unreviewed·2022-05-24
CVE-2020-13770 [HIGH] CWE-276 GHSA-cwx2-6cm4-jr73: Several services are accessing named pipes in Ivanti Endpoint Manager through 2020
Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITY\NETWORK SERVICE’).
Ivanti
Ivanti Security Advisory: CVE-2020-13770
vendor_ivanti·2020-11-12·CVSS 7.8
CVE-2020-13770 [HIGH] CWE-276 Ivanti Security Advisory: CVE-2020-13770
Ivanti Security Advisory: CVE-2020-13770
Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITY\NETWORK SERVICE’).
CVE IDs: CVE-2020-13770
CVSS Base Score: 7.8
Severity: HIGH
CWEs: CWE-276
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-11-12
Published