CVE-2020-26155

HIGH

Utimaco Block-safe Firmware < 4.31.0 - Uncontrolled Search Path

Title source: rule

Description

Multiple files and folders in Utimaco SecurityServer 4.20.0.4 and 4.31.1.0. are installed with Read/Write permissions for authenticated users, which allows for binaries to be manipulated by non-administrator users. Additionally, entries are made to the PATH environment variable which, in conjunction with these weak permissions, could enable an attacker to perform a DLL hijacking attack.

References (2)

[Exploit, Vendor Advisory] https://hsm.utimaco.com/products-hardware-security-modules/general-purpose-hsm/

[Third Party Advisory] https://secureyourit.co.uk/wp/2021/03/13/utimaco-cve-2020-26155/

Scores

CVSS v3 7.8

EPSS 0.0004

EPSS Percentile 12.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427 CWE-732

Status published

Affected Products (8)

utimaco/block-safe_firmware

utimaco/cryptoserver_cp5_firmware

utimaco/cryptoserver_cp5_vs-nfd_firmware

utimaco/paymentserver_firmware < 4.31.0

utimaco/paymentserver_hybrid_firmware < 4.33.0

utimaco/securityserver_firmware < 4.31.1

Timeline

Published Mar 18, 2021

Tracked Since Feb 18, 2026