CVE-2020-25094
CRITICALLogRhythm Platform Manager 7.4.9 - OS Command Injection via WebSocket
Title source: llmDescription
LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem privileges.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://cybercx.com.au/blog/2020/12/15/logrhythm-zero-days/
Scores
CVSS v3
9.8
EPSS
0.0311
EPSS Percentile
86.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-78
Status
published
Products (1)
logrhythm/platform_manager
7.4.9
Published
Dec 17, 2020
Tracked Since
Feb 18, 2026