Vulnerability Details CVE-2014-2378
Sensys Networks VSN240-F and VSN240-T sensors VDS before 2.10.1 and TrafficDOT before 2.10.3 do not verify the integrity of downloaded updates, which allows remote attackers to execute arbitrary code via a Trojan horse update.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.8%
CVSS Severity
CVSS v2 Score 7.6
References
Products affected by CVE-2014-2378
-
cpe:2.3:a:sensysnetworks:trafficdot:*
-
cpe:2.3:a:sensysnetworks:trafficdot:2.10.0
-
cpe:2.3:a:sensysnetworks:trafficdot:2.10.1
-
cpe:2.3:a:sensysnetworks:trafficdot:2.8.3
-
cpe:2.3:a:sensysnetworks:vds:*
-
cpe:2.3:a:sensysnetworks:vds:1.8.5
-
cpe:2.3:a:sensysnetworks:vds:1.8.7
-
cpe:2.3:a:sensysnetworks:vds:2.6.3
-
cpe:2.3:a:sensysnetworks:vds:2.6.4
-
cpe:2.3:h:sensysnetworks:vsn240-f:-
-
cpe:2.3:h:sensysnetworks:vsn240-t:-