CVE-2020-13494
CVE-2020-13494
Vexday Risk Score
13Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 4.3EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
02 dez 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, victim needs to access an attacker-provided malformed file.
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
Produtos afetados
n/a · PixarQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →