CVE-2020-1991

HIGH

Palo Alto Networks Traps <5.0.8-6.1.4 - Privilege Escalation

Title source: llm
STIX 2.1

Description

An insecure temporary file vulnerability in Palo Alto Networks Traps allows a local authenticated Windows user to escalate privileges or overwrite system files. This issue affects Palo Alto Networks Traps 5.0 versions before 5.0.8; 6.1 versions before 6.1.4 on Windows. This issue does not affect Cortex XDR 7.0. This issue does not affect Traps for Linux or MacOS.

References (1)

Scores

CVSS v3 7.8
EPSS 0.0004
EPSS Percentile 10.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-269 CWE-377
Status published
Products (1)
paloaltonetworks/traps 5.0 - 5.0.8
Published Apr 08, 2020
Tracked Since Feb 18, 2026