CVE-2020-10733

The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having permission to add files into one of those directories can use this to execute arbitrary code with the installer's administrative rights.

Published: Sep 16, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-10733
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.3
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Low
Score: 4.4
AV:L/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-426

Affected Software
References

Software	From	Fixed in
postgresql / postgresql	9.6	9.6.18
postgresql / postgresql	11.0	11.8
postgresql / postgresql	10.0	10.13
postgresql / postgresql	12.0	12.3
postgresql / postgresql	9.5	9.5.22

https://security.netapp.com/advisory/ntap-20201001-0006/
https://www.postgresql.org/about/news/2038/
https://www.postgresql.org/support/security/11/

Vulnerability Database

289,599

CVE-2020-10733