CVE-2020-3931
published 2020-07-08CVE-2020-3931: Buffer overflow exists in Geovision Door Access Control device family, an unauthenticated remote attacker can execute arbitrary command.
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.77%
75.3th percentile
Buffer overflow exists in Geovision Door Access Control device family, an unauthenticated remote attacker can execute arbitrary command.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| geovision | door_access_control_device | GV-AS1010 – 1.32 | — |
| geovision | door_access_control_device | GV-AS210 – 2.21 | — |
| geovision | door_access_control_device | GV-AS410 – 2.21 | — |
| geovision | door_access_control_device | GV-AS810 – 2.21 | — |
| geovision | door_access_control_device | GV-GF192x – 1.10 | — |
| geovision | gv-as1010_firmware | < 1.32 | 1.32 |
| geovision | gv-as210_firmware | < 2.21 | 2.21 |
| geovision | gv-as410_firmware | < 2.21 | 2.21 |
| geovision | gv-as810_firmware | < 2.21 | 2.21 |
| geovision | gv-gf1921_firmware | < 1.10 | 1.10 |
| geovision | gv-gf1922_firmware | < 1.10 | 1.10 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://www.acronis.com/en-us/blog/posts/backdoor-wide-open-critical-vulnerabilities-uncovered-geovisionhttps://www.twcert.org.tw/tw/cp-132-3754-b77d0-1.htmlhttps://www.acronis.com/en-us/blog/posts/backdoor-wide-open-critical-vulnerabilities-uncovered-geovisionhttps://www.twcert.org.tw/tw/cp-132-3754-b77d0-1.html
2020-07-08
Published