Vulnerabilities > CVE-2020-7853 - Out-of-bounds Write vulnerability in Tobesoft Xplatform

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

tobesoft

CWE-787

critical

NVD

Published: 2021-03-24

Updated: 2021-03-26

Summary

An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution.

Vulnerable Configurations

Part	Description	Count
Application	Tobesoft Tobesoft Xplatform - Tobesoft Xplatform 9.1 Tobesoft Xplatform 9.2 Tobesoft Xplatform 9.2.0 Tobesoft Xplatform 9.2.1 Tobesoft Xplatform 9.2.2 Tobesoft Xplatform 9.2.2.80 Tobesoft Xplatform 9.2.2.250	8
OS	Microsoft Microsoft Windows -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35943