Описание
Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debug_info' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities.
Ссылки
- MitigationThird Party AdvisoryUS Government Resource
- MitigationThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:contechealth:cms8000_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:contechealth:cms8000:-:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00028
Низкий
3 Low
CVSS3
4.4 Medium
CVSS3
Дефекты
CWE-489
NVD-CWE-Other
Связанные уязвимости
CVSS3: 4.4
github
больше 3 лет назад
Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debug_info' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities.
EPSS
Процентиль: 8%
0.00028
Низкий
3 Low
CVSS3
4.4 Medium
CVSS3
Дефекты
CWE-489
NVD-CWE-Other