Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2020-15261Unquoted Search Path or Element in Veyon

CWE-428Unquoted Search Path or Element3 documents3 sources
Severity
6.7MEDIUMNVD
EPSS
8.1%
top 7.86%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
VeyonDebian Veyon
Timeline
PublishedOct 19
Latest updateJun 1

Description

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users (both students and teachers) usually don't have administrative privileges, this vulnerability is only dangerous in anyway unsafe setups. The problem has been fixed in version 4.4.2. As a workaround, the exploitation of the vulnerability can be prevented by

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5veyon/veyon< 0.11.5
NVDveyon/veyon< 4.4.2
debiandebian/veyon

Patches

Patch: github.comPatch: github.com

💥Exploits & PoCs

1
Exploit-DB
Veyon 4.4.1 - 'VeyonService' Unquoted Service Path2021-06-01

📋Vendor Advisories

1
Debian
CVE-2020-15261: veyon - On Windows the Veyon Service before version 4.4.2 contains an unquoted service p...2020