| |
Vulnerability CVE-2020-14509
Published: 2020-09-16
| Description: |
Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields. An attacker could send specially crafted packets to exploit these vulnerabilities. |
Type:
CWE-805
CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.5/10 |
6.4/10 |
10/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://us-cert.cisa.gov/ics/advisories/icsa-20-203-01
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
