CVE-2020-25185
published 2020-11-21CVE-2020-25185: The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the…
PriorityP357high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
2.10%
79.4th percentile
The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09).
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| paradox | ip150_firmware | — | — |
| paradox | ip150_firmware | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Paradox IP150 (Update A)
cisa_ics·2021-11-17·CVSS 8.8
[HIGH] Paradox IP150 (Update A)
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Paradox IP150 (Update A)
Last RevisedSeptember 19, 2022
Alert CodeICSA-20-324-02
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low skill level to exploit
- Vendor: Paradox
- Equipment: IP150
- Vulnerabilities: Stack-based Buffer Overflow, Classic Buffer Overflow
## 2. UPDATE INFORMATION
This updated advisory is a follow-up to the original advisory titled ICSMA-20-324-02 Paradox IP150 that was published November 17, 2021, to the ICS webpage at www.cisa.gov/uscert.
## 3. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow
GHSA
GHSA-xrmc-6wqq-99wc: The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code o
ghsa_unreviewed·2022-05-24
CVE-2020-25185 [HIGH] CWE-120 GHSA-xrmc-6wqq-99wc: The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code o
The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09).
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-11-21
Published