CVE-2020-23968
HIGHIlex International Sign&go Workstation Security Suite 7.1 - Privilege Escalation via Symlink Attack
Title source: llmDescription
Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log.
Exploits (1)
nomisec
WORKING POC
1 stars
by ricardojba · poc
https://github.com/ricardojba/CVE-2020-23968-ILEX-SignGo-EoP
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
http://ilex.com
Third Party Advisory x_refsource_misc
http://signgo.com
Exploit, Third Party Advisory x_refsource_misc
https://ricardojba.github.io/CVE-Pending-ILEX-SignGo-EoP/
Scores
CVSS v3
7.8
EPSS
0.0250
EPSS Percentile
85.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-59
Status
published
Products (1)
ilex/international_sign\&go
7.1
Published
Nov 10, 2020
Tracked Since
Feb 18, 2026