Vulnerabilities (CVE)

Filtered by vendor Opto22 Subscribe

Filtered by product Softpac Project

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-12046	1 Opto22	1 Softpac Project	2020-05-18	3.5 LOW	5.7 MEDIUM
Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC’s firmware files’ signatures are not verified upon firmware update. This allows an attacker to replace legitimate firmware files with malicious files.
CVE-2020-12042	1 Opto22	1 Softpac Project	2020-05-18	4.0 MEDIUM	6.5 MEDIUM
Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user privileges can gain arbitrary file write access with system access.