CVE-2020-14510: OFF-BY-ONE ERROR CWE-193
First published: Tue Jul 28 2020(Updated: )
GateManager versions prior to 9.2c, The affected product contains a hard-coded credential for telnet, allowing an unprivileged attacker to execute commands as root.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Secomea Gatemanager 8250 Firmware | =9.2c | |
| Secomea Gatemanager 8250 Firmware | ||
| Secomea |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-14510.
What is the severity level of CVE-2020-14510?
CVE-2020-14510 has a severity level of critical (9.8).
Which GateManager versions are affected by CVE-2020-14510?
GateManager versions prior to 9.2c are affected by CVE-2020-14510.
What is the impact of CVE-2020-14510?
CVE-2020-14510 allows an unprivileged attacker to execute commands as root.
Is there a fix available for CVE-2020-14510?
It is recommended to update to version 9.2c or later to mitigate CVE-2020-14510.
- agent/type
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/title
- agent/first-publish-date
- agent/event
- agent/description
- agent/severity
- agent/references
- agent/softwarecombine
- agent/trending
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- vendor/secomea
- canonical/secomea gatemanager 8250 firmware
- version/secomea gatemanager 8250 firmware/9.2c
- canonical/secomea