CRITICAL🇵🇱 Wersja polska

CVE-2020-26867

CVSS 9.8v3.1pub. 2020-10-12upd. 2024-11-21

ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Pcvuesolutions Pcvue

    APP
    Pcvuesolutions
    8.10 – 12.0.17 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEDeserialization
CWE
References

Related vulnerabilities

CVE-2020-26868HIGH7.5ten sam produkt

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability...

CVE-2020-26869HIGH7.5ten sam produkt

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized u...