{"vulnerability": "cve-2020-11552", "sightings": [{"uuid": "6159edc0-61c2-4e87-a924-e9529cb987a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11552", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1703", "content": "#exploit\nCVE-2020-11552:\nA critical vulnerability in ManageEngine ADSelfService Plus\nhttps://itsecurity.org/critical-manageengine-adselfservice-plus-rce-flaw-patched\n]-> PoC: https://seclists.org/fulldisclosure/2020/Aug/4", "creation_timestamp": "2022-12-07T21:16:35.000000Z"}, {"uuid": "58ea62c2-a44e-4398-aa70-46086fd07b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11552", "type": "seen", "source": "https://t.me/cibsecurity/14041", "content": "ATENTION\u203c New - CVE-2020-11552\n\nAn elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog. This vulnerability could allow an unauthenticated attacker to escalate privileges on a Windows host. An attacker does not require any privilege on the target system in order to exploit this vulnerability. One option is the self-service option on the Windows login screen. Upon selecting this option, the thick-client software is launched, which connects to a remote ADSelfService Plus server to facilitate self-service operations. An unauthenticated attacker having physical access to the host could trigger a security alert by supplying a self-signed SSL certificate to the client. The View Certificate option from the security alert allows an attacker to export a displayed certificate to a file. This can further cascade to a dialog that can open Explorer as SYSTEM. By navigating from Explorer to \\windows\\system32, cmd.exe can be launched as a SYSTEM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-11T20:55:25.000000Z"}]}