virus logo FortiClient Vulnerability

Splashtop Streamer CVE-2020-12431 Permission Bypass Vulnerability

description-logoDescription

Splashtop Streamer on Windows has insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with resultant DLL hijacking.

affected-products-logoAffected Applications

Splashtop Streamer

CVE References

CVE-2020-12431

Other References

https://nvd.nist.gov/vuln/detail/CVE-2020-12431
ID 2021
Created May 12, 2021
Description
Updated		 Oct 26, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Splashtop Inc
Patch manual
Application Splashtop Streamer