CVE-2020-12022

Sažetak

Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed.

Reference

https://www.us-cert.gov/ics/advisories/icsa-20-128-01
https://www.zerodayinitiative.com/advisories/ZDI-20-598/

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

11-05-2020 - 20:47

Objavljeno

08-05-2020 - 12:15