Macrium Reflect contains a vulnerability that allows arbitrary code execution with SYSTEM privileges due to an OpenSSL component misconfiguration.
Understanding CVE-2020-10143
A misconfiguration in Macrium Reflect's OpenSSL component can lead to arbitrary code execution with SYSTEM privileges.
What is CVE-2020-10143?
Macrium Reflect's OpenSSL component sets its OPENSSLDIR variable to C:\openssl. Because of this misconfiguration, an unprivileged user can create that path and place a specially crafted openssl.cnf file in it, leading to arbitrary code execution with SYSTEM privileges.
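An added example, not from the original page or from Macrium: a Python audit helper that pulls the build-time `OPENSSLDIR: "<path>"` string out of a library's bytes and flags values, such as C:\openssl, that sit outside protected system trees. It generalizes beyond the single path named above; the function names, the `PROTECTED_ROOTS` list (an assumption about default Windows ACLs) and the sample bytes are constructed for illustration.

```python
import re
import sys
from pathlib import Path, PureWindowsPath

# OpenSSL builds embed their config directory as the literal: OPENSSLDIR: "<path>"
OPENSSLDIR_RE = re.compile(rb'OPENSSLDIR: "([^"\x00]{1,260})"')

# Assumption: on a default Windows install, only these trees stop a
# standard user from creating new folders.
PROTECTED_ROOTS = tuple(PureWindowsPath(p) for p in (
    r"C:\Windows", r"C:\Program Files", r"C:\Program Files (x86)"))

# Constructed sample: a fragment shaped like part of a libcrypto binary.
SAMPLE_BLOB = b'\x00\x90\x90compiler: cl\x00OPENSSLDIR: "C:\\openssl"\x00ENGINESDIR\x00'


def embedded_openssldirs(blob: bytes) -> list[str]:
    """Return every distinct OPENSSLDIR value compiled into the given bytes."""
    found = {m.decode("ascii", "replace") for m in OPENSSLDIR_RE.findall(blob)}
    return sorted(found)


def outside_protected_roots(openssldir: str) -> bool:
    """True when the directory is not beneath a tree that only admins can write.

    Drive-less paths such as /usr/local/ssl resolve against the current
    drive root on Windows, so they are treated as unprotected too.
    """
    path = PureWindowsPath(openssldir)
    lineage = (path, *path.parents)  # PureWindowsPath compares case-insensitively
    return not any(root in lineage for root in PROTECTED_ROOTS)


def audit(blob: bytes) -> list[tuple[str, bool]]:
    """Pair each embedded OPENSSLDIR with whether it needs an ACL review."""
    return [(d, outside_protected_roots(d)) for d in embedded_openssldirs(blob)]


if __name__ == "__main__":
    # Usage: python audit_openssldir.py <dll-or-exe> [...]; no arguments runs the sample.
    blobs = {name: Path(name).read_bytes() for name in sys.argv[1:]} or {"sample": SAMPLE_BLOB}
    for name, blob in blobs.items():
        for directory, risky in audit(blob):
            print(f"{name}: OPENSSLDIR={directory} review_acl={risky}")
```

A `True` result is a prompt to inspect who can create or write that directory on the host, since the embedded string alone says nothing about its current ACL.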
The Impact of CVE-2020-10143
The vulnerability has a CVSS base score of 7.8, indicating high severity. It can have a high impact on confidentiality, integrity, and availability.
Technical Details of CVE-2020-10143
Technical specifics of the Macrium Reflect vulnerability.
Vulnerability Description
The vulnerability arises from an OpenSSL component misconfiguration in Macrium Reflect, enabling unprivileged users to execute arbitrary code with SYSTEM privileges.
Affected Systems and Versions
Exploitation Mechanism
Mitigation and Prevention
Protect your systems from CVE-2020-10143.
Immediate Steps to Take
Long-Term Security Practices
Patching and Updates