CVE-2020-37042: Kritische Puffer-Überlauf-Lücke in Frigate Professional
⚠️ CVE-Referenzen:
CVE-2020-37042
Zusammenfassung
Die Frigate Professional-Software ist von einer schwerwiegenden Sicherheitslücke betroffen, die es Angreifern ermöglicht, durch Manipulation des "Find Computer"-Features lokal bösartigen Code auszuführen. Nutzer sollten umgehend Schritte ergreifen, um die damit verbundenen Risiken zu mindern, bis ein Patch verfügbar ist.
Winfrigate - Frigate 3 Professional - HIGH - CVE-2020-37042.
Frigate Professional 3.36.0.9 is susceptible to a local buffer overflow vulnerability within its 'Find Computer' feature. This flaw allows attackers to exploit the computer name input field, crafting a malicious payload that triggers a buffer overflow. Successful exploitation can lead to unauthorized code execution, exemplified by launching the calculator application as a proof of concept. Users of Frigate Professional should take immediate steps to mitigate potential risks associated with this vulnerability.
BADGES: 👾 EXPLOITED | 🟡 PoC | SecurityVulnerability.io
Quelle: securityvulnerability.io