CVE-2020-27277

Sažetak

Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.

Reference

https://us-cert.cisa.gov/ics/advisories/icsa-21-005-05
https://www.zerodayinitiative.com/advisories/ZDI-21-033/

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

09-03-2021 - 16:07

Objavljeno

11-01-2021 - 16:15