Vulnerabilities > CVE-2020-5754 - Type Confusion vulnerability in Webroot Endpoint Agents

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
webroot
CWE-843
critical

Summary

Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of the Webroot endpoint agent.

Vulnerable Configurations

Part Description Count
Application
Webroot
1