CVE-2006-2714

2006-05-3122:00:00

mitre

www.cve.org

6.6 Medium

AI Score

Confidence

High

0.025 Low

EPSS

Percentile

90.1%

JSON

Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 does not validate the CEID of an incoming message, which allows remote attackers to send messages to a protected asset without knowing the proper CEID.

References

secunia.com/advisories/20378

securitytracker.com/id?1016184

www.kb.cert.org/vuls/id/635721

www.kb.cert.org/vuls/id/WDON-6Q6SDL

www.vupen.com/english/advisories/2006/2069

exchange.xforce.ibmcloud.com/vulnerabilities/26783