Vulnerabilities > CVE-2020-9331 - Unspecified vulnerability in Cryptopro CSP
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation (by local users with the SeChangeNotifyPrivilege right) because user-mode input is mishandled during process creation. An attacker can write arbitrary data to an arbitrary location in the kernel's address space.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |