1e Client
6 CVEs affecting 1e Client. Latest disclosed: 2023-10-05. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-45160 | High | 8.8 | 2023-10-05 | In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replac… |
CVE-2020-27645 | High | 8.8 | 2020-12-29 | The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. This m… |
CVE-2020-27644 | High | 8.8 | 2020-12-29 | The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. This m… |
CVE-2020-16268 | High | 8.8 | 2020-12-29 | The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. Thi… |
CVE-2023-45159 | High | 8.4 | 2023-10-05 | 1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows junction to point… |
CVE-2020-27643 | Medium | 6.5 | 2020-12-29 | The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in prot… |