Vulnerability Details CVE-2020-9024
Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /root/cleardata.pl (executed as root by crond) and /root/loadperl.sh (executed as root at boot time) scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2020-9024
-
cpe:2.3:h:iteris:vantage_velocity:-
-
cpe:2.3:o:iteris:vantage_velocity_firmware:2.3.1
-
cpe:2.3:o:iteris:vantage_velocity_firmware:2.4.2