← back
CVE-2020-13095

CVE-2020-13095

EPSS 1.9%CWE-59
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.9%KEV nãoPoC Patch
Lifecycle
30 Jun 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root.
Affected products
n/a · Little Snitch

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://obdev.at/cve/2020-13095-t46oXJJOwz.html