exploitDog

CVE-2020-7476

Опубликовано: 23 мар. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 4.4

EPSS Низкий

Описание

A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Installation Kit (Versions prior to 1.0.1), which could cause execution of malicious code when a malicious file is put in the search path.

Ссылки

https://www.se.com/ww/en/download/document/SEVD-2020-070-03
Vendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-070-03
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:schneider-electric:ulti_zigbee_installation_toolkit:*:*:*:*:*:*:*:*

Версия до 1.0.1 (исключая)

EPSS

Процентиль: 35%

0.00146

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-426

CWE-426

Связанные уязвимости

GHSA-6hhf-gxf5-xh4c

github

больше 3 лет назад

A CWE-426: Untrusted Search Path vulnerability exists in ZigBee Installation Kit (Versions prior to 1.0.1), which could cause execution of malicious code when a malicious file is put in the search path.

EPSS

Процентиль: 35%

0.00146

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-426

CWE-426