CRITICAL🇬🇧 English

CVE-2020-26867

CVSS 9.8v3.1pub. 2020-10-12upd. 2024-11-21

ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Pcvuesolutions Pcvue

    APP
    Pcvuesolutions
    8.10 – 12.0.17 (bez)
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEDeserialization
CWE
Referencje

Powiązane podatności

CVE-2020-26868HIGH7.5ten sam produkt

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability...

CVE-2020-26869HIGH7.5ten sam produkt

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized u...