{
  "schema_version": "1.4.0",
  "id": "GHSA-r4mj-qp8w-wrv9",
  "modified": "2022-05-24T22:28:56Z",
  "published": "2022-05-24T22:28:56Z",
  "aliases": [
    "CVE-2020-15593"
  ],
  "details": "SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC (Inter-Process Communication) primitives to enable the processes to cooperate. Any user in the system is allowed to access the interprocess communication channel AternityAgentAssistantIpc, retrieve a serialized object and call object methods remotely. Among others, the methods allow any user to: (1) Create and/or overwrite arbitrary XML files across the system; (2) Create arbitrary directories across the system; and (3) Load arbitrary plugins (i.e., C# assemblies) from the \"%PROGRAMFILES(X86)/Aternity Information Systems/Assistant/plugins” directory and execute code contained in them.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15593"
    },
    {
      "type": "WEB",
      "url": "https://aternity.force.com/customersuccess/s/article/Recorder-tool-security-notification-mitigation-steps-for-On-Prem"
    },
    {
      "type": "WEB",
      "url": "https://sec-consult.com/en/blog/advisories/privilege-escalation-vulnerability-in-steelcentral-aternity-agent-cve-2020-15592-cve-2020-15593"
    }
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-732"
    ],
    "severity": "HIGH",
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-07-27T14:15:00Z"
  }
}