CVE-2020-7552
moderate-risk
Published 2020-11-19
A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Do I need to act?
-
0.68% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.8/10
High
LOCAL
/ LOW complexity
Affected Products (1)
Affected Vendors
References (2)
Vendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-315-03/
Vendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-315-03/
31
/ 100
moderate-risk
Severity
24/34 · High
Exploitability
2/34 · Minimal
Exposure
5/34 · Minimal