9.8
CVE-2020-12830
- EPSS 3.16%
- Veröffentlicht 27.10.2020 20:15:21
- Zuletzt bearbeitet 21.11.2024 05:00:21
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAddressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Westerndigital ≫ My Cloud Firmware Version < 5.04.114
Westerndigital ≫ My Cloud Ex4100 Version-
Westerndigital ≫ My Cloud Expert Series Ex2 Version-
Westerndigital ≫ My Cloud Mirror - Gen 2 Version-
Westerndigital ≫ My Cloud Pr2100 Version-
Westerndigital ≫ My Cloud Pr4100 Version-
Westerndigital ≫ My Cloud Expert Series Ex2 Version-
Westerndigital ≫ My Cloud Mirror - Gen 2 Version-
Westerndigital ≫ My Cloud Pr2100 Version-
Westerndigital ≫ My Cloud Pr4100 Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.16% | 0.864 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.