CVE-2020-36938

HIGH

WinAVR <20100110 - Privilege Escalation

Title source: llm

Description

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory.

Exploits (1)

exploitdb WRITEUP
by Mohammed Alshehri · textlocalwindows
https://www.exploit-db.com/exploits/49379

References (3)

Scores

CVSS v3 8.8
EPSS 0.0003
EPSS Percentile 9.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-732
Status published
Products (1)
WinAVR/WinAVR 20100110
Published Jan 27, 2026
Tracked Since Feb 18, 2026