The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09).
References
Link | Resource |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-20-324-02 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2020-11-20 22:15
Updated : 2020-12-03 07:01
NVD link : CVE-2020-25185
Mitre link : CVE-2020-25185
JSON object : View
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Products Affected
paradox
- ip150_firmware
- ip150