CVE-2020-7526: Input Validation
First published: Mon Aug 31 2020(Updated: )
Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| APC PowerChute Network Shutdown | <9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-7526.
What is the severity of CVE-2020-7526?
CVE-2020-7526 has a severity score of 8.8, which is considered high.
What software versions are affected by CVE-2020-7526?
CVE-2020-7526 affects PowerChute Business Edition software versions 9.0.x and earlier.
What is the risk associated with CVE-2020-7526?
CVE-2020-7526 can potentially lead to remote code execution when a script is executed during a shutdown event.
Is there a fix available for CVE-2020-7526?
It is recommended to update to version 9.1 or newer of PowerChute Business Edition to mitigate the vulnerability.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/apc
- canonical/apc powerchute network shutdown