CVE-2019-20456: 
Goverlan Reach Client vulnerability analysis and mitigation

Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, and Goverlan Client Agent before 9.20.50 were affected by an Untrusted Search Path vulnerability identified as CVE-2019-20456. The vulnerability was discovered and disclosed on October 28, 2019, with the CVE being assigned on February 16, 2020 (CVE Details, Goverlan Advisory).

The vulnerability is classified as CWE-426 (Untrusted Search Path) which leads to Command Injection and Local Privilege Escalation through DLL hijacking. The issue specifically affects the Goverlan Reach Agent processes GovAgentx64.exe and GovAgent.exe, allowing malicious actors to exploit DLL loading mechanisms (Goverlan Advisory).

The vulnerability enables a malicious actor to elevate their local privileges on a Windows system equipped with the Goverlan Reach Agents. Through DLL Hijacking, attackers can execute customized DLLs with elevated privileges using the Goverlan Reach Agent GovAgentx64.exe process (Goverlan Advisory).

The vulnerability has been patched in newer versions of the affected products. Users should update to Goverlan Reach Console v9.50 or later, Goverlan Reach Server v3.50 or later, and Goverlan Reach Client Agent v9.20.50 or later to remediate the vulnerability (Goverlan Advisory).

The vulnerability was responsibly disclosed by security researcher PovlTekstTV, who reported the issue directly to Goverlan (Goverlan Advisory).