Vulnerabilities > CVE-2020-5754 - Type Confusion vulnerability in Webroot Endpoint Agents

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

webroot

CWE-843

NVD

Published: 2020-06-15

Updated: 2020-06-22

Summary

Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confusion vulnerability over its listening TCP port, resulting in crashing or reading memory contents of the Webroot endpoint agent.

Vulnerable Configurations

Part	Description	Count
Application	Webroot Webroot Endpoint Agents *	1

Common Weakness Enumeration (CWE)

CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')

References

https://www.tenable.com/security/research/tra-2020-36