CVE-2020-36938

Sažetak

WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory.

Reference

https://sourceforge.net/projects/winavr/
https://www.exploit-db.com/exploits/49379
https://www.vulncheck.com/advisories/winavr-version-insecure-folder-permissions

CVSS

Base:	8.8
Impact:	5.9
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

29-01-2026 - 16:31

Objavljeno

27-01-2026 - 16:16