Every CVE whose affected-product data names 1e Client, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2020-16268 — CVSS 8.8 (high): The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via…
CVE-2020-27644 — CVSS 8.8 (high): The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance…
CVE-2020-27645 — CVSS 8.8 (high): The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance…
CVE-2023-45160 — CVSS 8.8 (high): In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a…
CVE-2023-45159 — CVSS 8.4 (high): 1E Client installer can perform arbitrary file deletion on protected files. A non-privileged user could provide a symbolic link or Windows…
CVE-2020-27643 — CVSS 6.5 (medium): The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and…