216.73.217.86

CVE-2020-36879

· Published 05/12/2025 18:15 · Modified 08/12/2025 18:26

Labels: CVE-2020-36879 2025-12-05CVE-2020-36879CWE-428[email protected]

Essential information

Published
05/12/2025 18:15
Modified
08/12/2025 18:26
Author
Creator
CVSS
8.5 HIGH (v3) 8.5 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any of its services, enabling remote code execution during startup or reboot with escalated privileges. Attackers can exploit the unquoted service path vulnerability by specifying a malicious service name in the 'sc qc' command, allowing them to execute arbitrary system commands.

NVD status

Status
Awaiting Analysis — CVE has been marked for Analysis. Normally once in this state the CVE will be analyzed by NVD staff within 24 hours.
Source
[email protected]
NVD
View on NVD

References