Plantronics HUB 3.21 Privilege Escalation

CVE Category Price Severity
CVE-2020-15906 CWE-269 $5,000 - $25,000 High
Author Risk Exploitation Type Date
Jay Turla High Local 2021-04-20
Our sensors found this exploit at:

Below is a copy:

Plantronics HUB 3.21 Privilege Escalation

CVSS 3.0 score:
7.8 (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Description of the Vulnerable Product
Poly is a company with an annual revenue of 1,2 USD billion per year. 
They are behind the Plantronics brand producing audio devices for the 
segments business and consumer. Their software, Plantronics HUB, allows 
end users to customize the settings and view the status of the audio 
device plugged in the PC.

Product Homepage:

Version(s) Affected:
3.21 (last available) and prior

Tested on
Windows 10 and Windows 8

Vulnerability Description
Plantronics HUB 3.21 (and previous versions) is affected by a privilege 
escalation vulnerability allowing any local unprivileged user to acquire 
elevated access rights and take full control of the system.

Additionally local attackers can delete arbitrary files from the 
filesystem with the privileges of NT_AUTHORITY\SYSTEM.

More details can be found here:

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum