CVE-2020-16268

HIGH

1E Client - Exposure to Wrong Actor

Title source: rule

Description

The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have a TRANSFORM (MST) with the option to disable the installation of the Nomad module. An attacker may craft a .reg file in a specific location that will be able to write to any registry key as an elevated user.

References (1)

[Vendor Advisory] https://help.1e.com/display/GI/1E+Security+Advisory-1E+Client+for+Windows%3A+CVE-2020-16268%2C+CVE-2020-27643%2C+CVE-2020-27644%2C+CVE-2020-27645

Scores

CVSS v3 8.8

EPSS 0.0082

EPSS Percentile 74.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-74 CWE-668

Status published

Affected Products (2)

1e/client

Timeline

Published Dec 29, 2020

Tracked Since Feb 18, 2026