LiveActive security incident?Get immediate response
CVE Record

CVE-2020-21046: A local privilege escalation vulnerability was identified within the "luminati_net_updater_win_eagleget_com...

A local privilege escalation vulnerability was identified within the "luminati_net_updater_win_eagleget_com" service in EagleGet Downloader version 2.1.5.20 Stable. This issue allows authenticated non-administrative user to escalate their privilege and conduct code execution as a SYSTEM privilege.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysishigh

Security readout for executives and security teams

Plain-English summary

CVE-2020-21046 is a Windows local privilege escalation issue in EagleGet Downloader 2.1.5.20 Stable. A normal authenticated user may be able to run code with SYSTEM privileges through the named updater service. This matters most on shared workstations, kiosks, developer machines, or any endpoint where non-admin users can log in.

Executive priority

Prioritize remediation on shared or user-accessible Windows endpoints. The issue can turn a low-privileged foothold into SYSTEM control, but available evidence does not show active exploitation or remote attack exposure.

Technical view

The CVE describes local privilege escalation in the `luminati_net_updater_win_eagleget_com` service installed by EagleGet Downloader 2.1.5.20 Stable. The reported impact is code execution as SYSTEM by an authenticated non-administrative user. The source bundle does not provide CVSS, CWE, CPE, patch status, or detailed root-cause mechanics.

Likely exposure

Exposure appears limited to Windows systems with EagleGet Downloader 2.1.5.20 Stable and its updater service installed, especially where untrusted or lower-privileged users have local access.

Exploitation context

The bundle cites a public write-up, but CISA KEV status is false and no cited source in the bundle confirms active exploitation. This is post-authentication local escalation, not a remote unauthenticated entry point.

Researcher notes

Evidence is sparse. The CVE record names the affected version and service but omits CVSS, CWE, CPE, fixed release, and technical root cause. Avoid assuming broader EagleGet versions are affected without vendor or researcher confirmation.

Mitigation direction

  • Inventory endpoints for EagleGet Downloader 2.1.5.20 Stable.
  • Remove EagleGet where there is no business requirement.
  • Check vendor guidance for fixed versions or supported remediation.
  • Restrict local interactive access on affected shared systems.
  • Monitor affected hosts for unexpected SYSTEM process activity.

Validation and detection

  • Confirm whether EagleGet Downloader 2.1.5.20 Stable is installed.
  • Check for the `luminati_net_updater_win_eagleget_com` service.
  • Verify non-admin users cannot modify related service files or configuration.
  • Review endpoint logs for unusual activity tied to the updater service.
Prepared
Confidence
medium
Sources
3

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

description · low confidence lookup

Execution behavior lookup

The CVE wording references code or command execution, so execution technique review may help defensive triage. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.

Open ATT&CK lookup
description · low confidence lookup

Privilege behavior lookup

The CVE wording references privilege impact, so privilege escalation and authorization behavior review may help. This is a Glexia inferred lookup path, not an official MITRE, ATT&CK, or CVE Program mapping.

Open ATT&CK lookup
cve · low confidence lookup

CVE-2020-21046 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
1ADP providers
3Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

ADP provider summaries

CVECVE Program Container
Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
n/an/an/aListed
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.