CVE-2020-9361

Medium

5.5/10

Summary

CryptoPro CSP through 5.0.0.10004 on 64-bit platforms allows local users with the SeChangeNotifyPrivilege right to cause denial of service because user-mode input is mishandled during process creation.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: HIGH

References

Advisory Timeline

Published Oct 23, 2020

CVE-2020-9361

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS