CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29394

A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.2%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 6.8

References

Products affected by CVE-2020-29394

Genivi » Diagnostic Log And Trace » Version: 2.10.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.10.0
Genivi » Diagnostic Log And Trace » Version: 2.11.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.11.0
Genivi » Diagnostic Log And Trace » Version: 2.11.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.11.1
Genivi » Diagnostic Log And Trace » Version: 2.12.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.12.0
Genivi » Diagnostic Log And Trace » Version: 2.12.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.12.1
Genivi » Diagnostic Log And Trace » Version: 2.13.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.13.0
Genivi » Diagnostic Log And Trace » Version: 2.14.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.14.0
Genivi » Diagnostic Log And Trace » Version: 2.14.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.14.1
Genivi » Diagnostic Log And Trace » Version: 2.15.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.15.0
Genivi » Diagnostic Log And Trace » Version: 2.16.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.16.0
Genivi » Diagnostic Log And Trace » Version: 2.17.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.17.0
Genivi » Diagnostic Log And Trace » Version: 2.18.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.18.0
Genivi » Diagnostic Log And Trace » Version: 2.18.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.18.1
Genivi » Diagnostic Log And Trace » Version: 2.18.2

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.18.2
Genivi » Diagnostic Log And Trace » Version: 2.18.3

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.18.3
Genivi » Diagnostic Log And Trace » Version: 2.18.4

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.18.4
Genivi » Diagnostic Log And Trace » Version: 2.18.5

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.18.5
Genivi » Diagnostic Log And Trace » Version: 2.2.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.2.0
Genivi » Diagnostic Log And Trace » Version: 2.3.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.3.0
Genivi » Diagnostic Log And Trace » Version: 2.4.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.4.0
Genivi » Diagnostic Log And Trace » Version: 2.4.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.4.1
Genivi » Diagnostic Log And Trace » Version: 2.4.2

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.4.2
Genivi » Diagnostic Log And Trace » Version: 2.5.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.5.0
Genivi » Diagnostic Log And Trace » Version: 2.5.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.5.1
Genivi » Diagnostic Log And Trace » Version: 2.5.2

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.5.2
Genivi » Diagnostic Log And Trace » Version: 2.6.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.6.0
Genivi » Diagnostic Log And Trace » Version: 2.6.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.6.1
Genivi » Diagnostic Log And Trace » Version: 2.6.2

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.6.2
Genivi » Diagnostic Log And Trace » Version: 2.7.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.7.0
Genivi » Diagnostic Log And Trace » Version: 2.7.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.7.1
Genivi » Diagnostic Log And Trace » Version: 2.8.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.8.0
Genivi » Diagnostic Log And Trace » Version: 2.8.5

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.8.5
Genivi » Diagnostic Log And Trace » Version: 2.9.0

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.9.0
Genivi » Diagnostic Log And Trace » Version: 2.9.1

cpe:2.3:a:genivi:diagnostic_log_and_trace:2.9.1
Debian » Debian Linux » Version: 10.0

cpe:2.3:o:debian:debian_linux:10.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-29394

Products

Pricing

Contact Us