VDB

GCVE-110-CERTCC-2020-760767

GCVE-110-CERTCC-2020-760767
Advisory Published
Vulnetix · Advisory published October 26, 2020
### Overview Macrium Reflect contains a privilege escalation vulnerability due to the use of an `OPENSSLDIR` variable that specifies a location where an unprivileged Windows user can create files. ### Description **CVE-2020-10143** Macrium Reflect includes an OpenSSL component that specifies an `OPENSSLDIR` variable as `C:\openssl\`. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted `openssl.cnf` file to achieve arbitrary code execution with SYSTEM privileges. ### Impact By placing a specially-crafted `openssl.cnf` in the `C:\openssl\` directory, an unprivileged user may be able to execute arbitrary code with SYSTEM privileges on a Windows system with the vulnerable Macrium software installed. ### Solution #### Apply an update This vulnerability is addressed in [Macrium Reflect v7.3.5281](https://updates.macrium.com/reflect/v7/v7.3.5281/details7.3.5281.htm). ### Acknowledgements This vulnerability was reported by Will Dormann of the CERT/CC. This document was written by Will Dormann.

Browse GCVE Records

73,044 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›