CVE-2020-0570

HIGH

Qt < 5.14.0, 5.12.7, 5.9.10 - Untrusted Search Path

Title source: llm
STIX 2.1

Description

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

References (3)

Core 3
Core References
Issue Tracking, Patch, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1800604
Exploit, Patch, Vendor Advisory x_refsource_confirm
https://bugreports.qt.io/browse/QTBUG-81272
Mailing List, Vendor Advisory x_refsource_confirm
https://lists.qt-project.org/pipermail/development/2020-January/038534.html

Scores

CVSS v3 7.3
EPSS 0.0057
EPSS Percentile 42.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Details

CWE
CWE-426
Status published
Products (3)
qt/qt < 5.9.10
redhat/enterprise_linux 7.0
redhat/enterprise_linux 8.0
Published Sep 14, 2020
Tracked Since Feb 18, 2026