Script-Cache Privilege Escalation Vulnerability in JetBrains Kotlin 1.4-M1 to 1.4-RC

Script-Cache Privilege Escalation Vulnerability in JetBrains Kotlin 1.4-M1 to 1.4-RC

CVE-2020-15824 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.

Learn more about our User Device Pen Test.