Cyber Resilience

CVE-2020-36916

High · Public PoC · LPE

Published: 06 January 2026
Modified: 15 April 2026
KEV Added: not listed
Patch: none recorded
CVSS Score (v4): 8.5 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0022 (13.0th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2020-36916 is a high-severity Incorrect Permission Assignment for Critical Resource (CWE-732) vulnerability in Ibmcloud (inferred from references). Its CVSS base score is 8.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). Exploit likelihood ranks at the 13.0th percentile (below the median), the CVE is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AC-6 (Least Privilege).

Deeper analysis

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability, classified under CWE-732, that stems from excessive permissions allowing authenticated users to modify executable files. This flaw enables attackers to replace legitimate executables with malicious binaries, leading to unauthorized elevated access on the affected system. The vulnerability has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to its network accessibility, low complexity, and significant impacts on confidentiality, integrity, and availability.

An authenticated user with low privileges can exploit this vulnerability remotely without requiring user interaction. By leveraging the 'Modify' permissions, the attacker replaces executable files with custom malicious versions, achieving full system-level access and potentially compromising the entire host environment running the PC Player software.
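A defender-side check for the weak-permission pattern described above, added here as an example (not code from the advisory, the vendor, or the referenced exploit). It audits an install directory for executables on which broad principals such as Users or Authenticated Users hold write-type rights; the install path is an assumed placeholder.

```powershell
# Added example: find executables that non-administrative principals can modify
# (the CWE-732 pattern behind this CVE). $InstallDir is an assumed placeholder.
param(
    [string]$InstallDir = 'C:\Program Files\TDM Digital Signage'   # placeholder path
)

# Principals that should never hold write-type rights on program binaries.
$BroadPrincipals = @(
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'Everyone',
    'NT AUTHORITY\INTERACTIVE'
)

# Any of these rights lets the holder replace or alter the file, or grant itself more.
$WriteRights = [System.Security.AccessControl.FileSystemRights]::Modify -bor
               [System.Security.AccessControl.FileSystemRights]::Write -bor
               [System.Security.AccessControl.FileSystemRights]::WriteData -bor
               [System.Security.AccessControl.FileSystemRights]::FullControl -bor
               [System.Security.AccessControl.FileSystemRights]::TakeOwnership -bor
               [System.Security.AccessControl.FileSystemRights]::ChangePermissions

function Find-WritableExecutable {
    param([string]$Path)
    Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            $acl  = Get-Acl -LiteralPath $file.FullName
            foreach ($ace in $acl.Access) {
                $isBroad     = $BroadPrincipals -contains $ace.IdentityReference.Value
                $grantsWrite = ($ace.AccessControlType -eq 'Allow') -and
                               (($ace.FileSystemRights -band $WriteRights) -ne 0)
                if ($isBroad -and $grantsWrite) {
                    [pscustomobject]@{
                        File      = $file.FullName
                        Principal = $ace.IdentityReference.Value
                        Rights    = $ace.FileSystemRights
                        Inherited = $ace.IsInherited   # inherited ACEs point at a parent folder
                    }
                }
            }
        }
}

$findings = Find-WritableExecutable -Path $InstallDir
if ($findings) {
    $findings | Format-Table -AutoSize
    # Remediation sketch (run elevated): replace the offending grant with read/execute only,
    # e.g. icacls "<file>" /remove:g "Users" /grant:r "Users:(RX)"
} else {
    "No broadly writable executables found under $InstallDir"
}
```

Inherited findings usually mean the parent directory's ACL is the real problem, so fix it there rather than file by file.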

References for further details include advisories from IBM X-Force Exchange (https://exchange.xforce.ibmcloud.com/vulnerabilities/190627), an exploit on Exploit-DB (https://www.exploit-db.com/exploits/48953) and Packet Storm (https://packetstorm.news/files/id/159723), as well as product pages from Sony (https://pro.sony/en_NL/products/display-software/tdm-ds1y-tdm-ds3y) and TDM Signage (https://www.tdmsignage.com). No specific patch or mitigation details are outlined in the provided information.

Vulnerability details

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system access.

CWE(s): CWE-732 (Incorrect Permission Assignment for Critical Resource)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Direct privilege escalation via replacement of executables due to weak file permissions (CWE-732).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-21325 (shared CWE-732)
CVE-2025-12985 (shared CWE-732)
CVE-2026-25112 (shared CWE-732)
CVE-2025-22454 (shared CWE-732)
CVE-2026-8110 (shared CWE-732)
CVE-2024-55411 (shared CWE-732)
CVE-2024-11497 (shared CWE-732)
CVE-2026-24834 (shared CWE-732)
CVE-2026-41217 (shared CWE-732)
CVE-2025-21571 (shared CWE-732)

Affected Assets

Ibmcloud (inferred from references and description; NVD did not file a CPE for this CVE)

Mitigating Controls (NIST 800-53 r5, AI)

prevent: Directly prevents modification of executable program files, blocking attackers from replacing legitimate executables with malicious binaries.

prevent: Enforces least privilege to eliminate excessive modify permissions for low-privileged authenticated users on executable files.

prevent: Enforces access control policies that restrict unauthorized logical access and modifications to critical system resources like executables.
