CVE-2020-15007

moderate-risk
Published 2020-06-24

A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.

Do I need to act?

~
1.3% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: 8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec, 8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec
9
CVSS 9.8/10 Critical
NETWORK / LOW complexity

Affected Products (2)

Tech 1
Doom Vanille

Affected Vendors

Idsoftware Doom Vanille Project

References (4)

Patch https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceab...
Third Party Advisory https://twitter.com/notrevenant/status/1268654123903340544
Patch https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceab...
Third Party Advisory https://twitter.com/notrevenant/status/1268654123903340544
43
/ 100
moderate-risk
Severity 32/34 · Critical
Exploitability 4/34 · Minimal
Exposure 7/34 · Low