Lucene search

BitdefenderCVELIST:CVE-2020-15744

HistoryAug 30, 2021 - 9:50 a.m.

CVE-2020-15744 Stack-based buffer overflow leading to RCE in Victure Camera

2021-08-3009:50:09

CWE-121

Bitdefender

www.cve.org

victure pc420

buffer overflow

remote code execution

onvif server

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.006

Percentile

78.8%

JSON

Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an attacker to execute remote code on the target device. This issue affects: Victure PC420 firmware version 1.2.2 and prior versions.

CNA Affected

[
  {
    "product": "PC420",
    "vendor": "Victure",
    "versions": [
      {
        "lessThanOrEqual": "1.2.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

www.bitdefender.com/blog/labs/cracking-the-victure-pc420-camera

CVSS3

9.6

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

AI Score

9.7

Confidence

High

EPSS

0.006

Percentile

78.8%

JSON

Related for CVELIST:CVE-2020-15744