CVE-2020-23967

high

Description

Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITY\SYSTEM due to insufficient control during autoupdate.

References

https://www.youtube.com/watch?v=q7Kqi7kE59U

https://habr.com/ru/company/pm/blog/509592/

https://amonitoring.ru/article/drweb/

Details

Source: Mitre, NVD

Published: 2021-03-08

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H