Vulnerability Details CVE-2020-9525
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.5%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
References
Products affected by CVE-2020-9525
-
cpe:2.3:a:cs2-network:p2p:2.2.4.0
-
cpe:2.3:a:cs2-network:p2p:2.2.4.0a
-
cpe:2.3:a:cs2-network:p2p:3.0.3
-
cpe:2.3:a:cs2-network:p2p:3.0.3a