Vulnerability Details CVE-2020-12042
Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user privileges can gain arbitrary file write access with system access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2020-12042
-
cpe:2.3:a:opto22:softpac_project:-
-
cpe:2.3:a:opto22:softpac_project:9.6