CVE-2020-10616 Vulnerability Details

  /     /     /  

CVE-2020-10616 Metadata Quick Info

CVE Published: 14/05/2020 | CVE Updated: 04/08/2024 | CVE Year: 2020
Source: icscert | Vendor: n/a | Product: Opto 22 SoftPAC Project
Status : PUBLISHED

---

CVE-2020-10616 Description

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-427
CWE Name: UNCONTROLLED SEARCH PATH ELEMENT CWE-427
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).