CVE-2020-13494
CVE-2020-13494
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.3EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
02 dic 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, victim needs to access an attacker-provided malformed file.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Productos afectados
n/a · Pixar¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →