Detections
Analytics

CVE-2020-36916

high

Description

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system access.

References

https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5604.php

https://www.vulncheck.com/advisories/tdm-digital-signage-pc-player-privilege-escalation-via-insecure-permissions

https://www.tdmsignage.com

https://www.exploit-db.com/exploits/48953

https://pro.sony/en_NL/products/display-software/tdm-ds1y-tdm-ds3y

https://packetstorm.news/files/id/159723

https://exchange.xforce.ibmcloud.com/vulnerabilities/190627

Details

Source: Mitre, NVD

Published: 2026-01-06

Updated: 2026-01-08

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

CVSS v4

Base Score: 8.5

Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Severity: High

EPSS

EPSS: 0.00023