CVE-2020-12782
moderate-risk
Published 2020-06-23
Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files.
Do I need to act?
~
6.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (2)
Mailaudit
Mailgates
Affected Vendors
References (2)
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-3688-271ea-1.html
Third Party Advisory
https://www.twcert.org.tw/tw/cp-132-3688-271ea-1.html
48
/ 100
moderate-risk
Severity
32/34 · Critical
Exploitability
9/34 · Low
Exposure
7/34 · Low