← volver
CVE-2020-15649

CVE-2020-15649

EPSS 0.7%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
10 ago 2020Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
Productos afectados
Mozilla · Firefox ESR

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1475835%2C1652364https://www.mozilla.org/security/advisories/mfsa2020-31/