Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2020-13431

Description

I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory.

POC

Reference

- https://blog.blazeinfosec.com/security-advisory-i2p-for-windows-local-privilege-escalation/

Github

No PoCs found on GitHub currently.