Skip to main content
CVE-2020-8539 HIGH POC This Week

Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Head Unit Firmware
NVD GitHub
CVSS 3.1
7.8
EPSS
2.3%
CVE-2020-28993 HIGH POC This Week

A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Minicmts200A Firmware
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
2.8%
CVE-2020-7547 HIGH This Week

A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Ecostruxure Energy Expert Ecostruxure Power Monitoring Expert Power Manager Powerscada Expert With Advanced Reporting And Dashboards +1
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2020-25181 HIGH This Week

WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Heap Overflow Plc Editor
NVD
CVSS 3.1
8.8
EPSS
2.0%
CVE-2020-25177 HIGH This Week

WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow RCE Stack Overflow Plc Editor
NVD
CVSS 3.1
8.8
EPSS
1.7%
CVE-2020-7335 HIGH This Week

Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by. Rated high severity (CVSS 7.8). No vendor patch available.

Privilege Escalation Microsoft Total Protection
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2020-9117 HIGH This Week

HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow RCE Huawei Information Disclosure Nova 4 Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-9114 HIGH This Week

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Fusioncompute
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-7545 HIGH This Week

A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Authentication Bypass Ecostruxure Energy Expert Ecostruxure Power Monitoring Expert Power Manager +2
NVD
CVSS 3.1
7.2
EPSS
2.0%
CVE-2020-9116 HIGH This Week

Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Huawei Command Injection Fusioncompute
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2020-9115 HIGH This Week

ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Manageone
NVD
CVSS 3.1
7.2
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy