Описание
A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Ссылки
- Third Party Advisory
- ExploitIssue TrackingMailing ListThird Party Advisory
- ExploitPermissions RequiredThird Party AdvisoryVDB Entry
- Third Party Advisory
- ExploitIssue TrackingMailing ListThird Party Advisory
- ExploitPermissions RequiredThird Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bittorrent:utorrent:-:*:*:*:*:*:*:*
EPSS
Процентиль: 61%
0.00409
Низкий
5 Medium
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-287
CWE-287
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
A vulnerability classified as critical was found in uTorrent. This vulnerability affects unknown code of the component PRNG. The manipulation leads to weak authentication. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
EPSS
Процентиль: 61%
0.00409
Низкий
5 Medium
CVSS3
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-287
CWE-287