Insufficient input data validation while processing project files could result in an out-of-bounds read. A CVSS v3 base score of 7.8 has been assigned the CVSS vector string is ( AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application.ĬVE-2020-12497 has been assigned to this vulnerability. The following components and versions of Automation Worx Software Suite are affected:ģ.2 VULNERABILITY OVERVIEW 3.2.1 STACK-BASED BUFFER OVERFLOW CWE-121ĭue to insufficient input data validation while processing project files the buffer could be overflown. Successful exploitation could allow an attacker to execute arbitrary code under the privileges of the application. Vulnerabilities: Stack-based Buffer Overflow, Out-of-Bounds Read. ![]() Equipment: Automation Worx Software Suite.
0 Comments
Leave a Reply. |