CVE-2020-13771
HIGH
Ivanti Endpoint Manager < 2020.1.1 - Uncontrolled Search Path Element via DLL Hijacking
Title source: llm
Description
Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITY\SYSTEM) via DLL hijacking. This affects ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe.
References (1)
Core References
Third Party Advisory x_refsource_misc
https://labs.jumpsec.com/advisory-cve-2020-13771-ivanti-uem-dll-hijacking/
Scores
CVSS v3: 7.8
EPSS: 0.0006
EPSS Percentile: 18.9%
Attack Vector: LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE: CWE-427
Status: published
Products (1): ivanti/endpoint_manager < 2020.1.1
Published: Nov 12, 2020
Tracked Since: Feb 18, 2026