exploitDog

CVE-2021-20836

Опубликовано: 19 окт. 2021

Источник: nvd

CVSS3: 6.5

CVSS2: 6

EPSS Низкий

Описание

Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files.

Ссылки

https://jvn.jp/en/vu/JVNVU90041391/index.html
Release Notes
Third Party Advisory
https://www.myomron.com/index.php?action=kb&article=1692
Patch
Vendor Advisory
https://jvn.jp/en/vu/JVNVU90041391/index.html
Release Notes
Third Party Advisory
https://www.myomron.com/index.php?action=kb&article=1692
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:omron:cx-supervisor:4.0.0.13:*:*:*:*:*:*:*

cpe:2.3:a:omron:cx-supervisor:4.0.0.16:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00901

Низкий

6.5 Medium

CVSS3

6 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-vphf-83wr-763v

github

больше 3 лет назад

Out-of-bounds read vulnerability in CX-Supervisor v4.0.0.13 and v4.0.0.16 allows an attacker with administrative privileges to cause information disclosure and/or arbitrary code execution by opening a specially crafted SCS project files.

EPSS

Процентиль: 75%

0.00901

Низкий

6.5 Medium

CVSS3

6 Medium

CVSS2

Дефекты

CWE-125