CVE-2020-23968
HIGHIlex International Sign&go Workstation Security Suite 7.1 - Privilege Escalation via Symlink Attack
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-23968. PoCs published by ricardojba.
AI-analyzed exploit summary This repository contains a C++ exploit for CVE-2020-23968, targeting ILEX SignGo for local privilege escalation (LPE) via directory object manipulation and symbolic link attacks. The exploit leverages Windows API calls and NT functions to achieve elevation of privileges.
Description
Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S&G\Logs\000-sngWSService1.log.
Exploits (1)
This repository contains a C++ exploit for CVE-2020-23968, targeting ILEX SignGo for local privilege escalation (LPE) via directory object manipulation and symbolic link attacks. The exploit leverages Windows API calls and NT functions to achieve elevation of privileges.
References (3)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H