CVE-2020-24307

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-24307

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-24307.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-24307

Published

2023-02-02T12:15:08.893Z

Modified

2026-04-10T04:27:52.019631Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue in mRemoteNG v1.76.20 allows attackers to escalate privileges via a crafted executable file. NOTE: third parties were unable to reproduce any scenario in which the claimed access of BUILTIN\Users:(M) is present.

References

Affected packages

Git / github.com/mremoteng/mremoteng

Affected ranges

Type

GIT

Repo

https://github.com/mremoteng/mremoteng

Events

Introduced

Last affected

068f5942e73a0b4e3c461d861216788ac5a4958a

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.76.20"
        }
    ]
}

Affected versions

1.*

1.50

1.60

1.62

1.63

1.64

1.65

1.66

1.67

1.67RC1

1.67RC2

1.67RC3

1.67RC4

1.67RC5

1.68

1.70Beta1

1.70Beta2

1.71Beta1

1.71Beta2

1.71Beta3

1.71Beta4

1.71Beta5

1.73Beta1

1.73Beta2

v1.*

v1.75Alpha2

v1.75Alpha3

v1.75Aplha1

v1.75Beta1

v1.75Beta2

v1.75Beta3

v1.75RC1

v1.76.10

v1.76.12

v1.76.13

v1.76.14

v1.76.15

v1.76.16

v1.76.17

v1.76.18

v1.76.20

v1.76.5

v1.76.6

v1.76.7

v1.76.8

v1.76.9

v1.76Alpha1

v1.76Alpha2

v1.76Alpha3

v1.76Alpha4

v1.76Alpha5

v1.76Alpha6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-24307.json"