CVE-2020-7820

Sažetak

Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC

Reference

http://support.tobesoft.co.kr/Support/index.html
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35491

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

14-07-2020 - 19:07

Objavljeno

02-07-2020 - 13:15