Security update for Lime CRM Desktop Client¶
Bulletin ID LCSEC20-01 Date published 2020-12-21 Priority 2 Severity Critical
Priority and severity ratings are determined as described here.
Summary¶
This security update resolved a vulnerability in Lime CRM Desktop Client. The vulnerability enables local Windows users to execute programs with elevated privileges.
Affected versions¶
| Product | Version | Platform |
|---|---|---|
| Lime CRM Desktop Client | initial – 10.18.579 | Windows |
Solution¶
Upgrade to newest version of Lime CRM Desktop Client.
| Product | Type | Updated version | Availability |
|---|---|---|---|
| Lime CRM Desktop Client | Product release | 10.18.962 - latest | Download |
Vulnerability information¶
Detailed summary¶
An attacker could launch Lime CRM Desktop Client with elevated privileges and via programmatic extensions or documents launch any Windows process with elevated privileges.
Mitigating factors¶
The attacker must be an authenticated user for the system and have a high technical knowledge about it.
- Last modified: 3 years ago
- by Jonatan Folger Asu