CVE-2020-27977

high

Description

CapaSystems CapaInstaller before 6.0.101 does not properly assign, modify, or check privileges for an actor who attempts to edit registry values, allowing an attacker to escalate privileges.

References

https://capawiki.capasystems.com/display/ci/CapaInstaller+6.0+-+Build+101

Details

Source: Mitre, NVD

Published: 2020-11-09

Updated: 2026-06-17

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00068