CVE-2020-14321 – Moodle / Moodle – Privilege escalation

Summary:

CVE-2020-14321 is a privilege escalation vulnerability impacting multiple versions of Moodle. An exploit was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk-through demo of an exploit was shared via YouTube.

PoC Links (if available):

Exploit DB link –
https://www.exploit-db.com/exploits/50180

Known Counter Measures:

Moodle addressed the vulnerability in a security advisory with updated versions.

Links to patches (if available):

https://moodle.org/mod/forum/discuss.php?d=407393