Vulnerabilities > CVE-2020-24055 - Out-of-bounds Write vulnerability in Verint 4320 Firmware and 5620Ptz Firmware
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666. The service is vulnerable to a stack buffer overflow. It is worth noting that this service does not require any authentication.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 3 | |
Hardware | 2 |