CVE-2020-5741

CVSS 7.2 HIGH | EPSS 72.9% | KEV | CWE-502
Vexday Risk Score: 100 (Fix now)
SSVC decision (CISA): Act
Exploitation + impact → act immediately
CVSS 7.2 | EPSS 72.9% | KEV: yes | Public PoC | Nuclei | Metasploit: yes | Patch
Lifecycle
07 May 2020: Metasploit module available
08 May 2020: Published on NVD
10 Mar 2023: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

Plex Media Server on Windows has a flaw that allows authenticated users to run malicious Python code by sending specially crafted data. This is dangerous because attackers with valid credentials can take full control of the server.

Technical detail

A CWE-502 (Deserialization of Untrusted Data) vulnerability in Plex Media Server on Windows enables remote code execution. An authenticated attacker can supply crafted serialized data that executes arbitrary Python code with server privileges. Authentication is a precondition: the CVSS vector rates the required privileges as high (PR:H).

Summary generated and translated by AI from the official description.
Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated attacker to execute arbitrary Python code.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.