CVE-2020-13771
First published: Thu Nov 12 2020(Updated: )
Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITY\SYSTEM) via DLL hijacking. This affects ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ivanti Endpoint Manager | <=2020.1.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-13771?
CVE-2020-13771 is a vulnerability in Ivanti Endpoint Manager through 2020.1.1 that allows for code execution and elevation of privileges.
How does CVE-2020-13771 work?
CVE-2020-13771 relies on Windows search order when loading a (nonexistent) library file, which can be exploited to gain code execution and elevation of privileges.
What is the severity of CVE-2020-13771?
CVE-2020-13771 has a severity rating of 7.8 (High).
How can I fix CVE-2020-13771?
To fix CVE-2020-13771, update Ivanti Endpoint Manager to a version that is after 2020.1.1.
Where can I find more information about CVE-2020-13771?
More information about CVE-2020-13771 can be found at the following link: [https://labs.jumpsec.com/advisory-cve-2020-13771-ivanti-uem-dll-hijacking/]
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ivanti
- canonical/ivanti endpoint manager
- version/ivanti endpoint manager/2020.1.1