Input Parameter Flaw in Vivo ABE Service
CVE-2020-12487

7HIGH

Key Information:

Vendor: Vivo
Status: Abe
Vendor: CVE Published:; 17 December 2024

What is CVE-2020-12487?

CVE-2020-12487 represents a significant security vulnerability within the ABE service developed by Vivo. This flaw stems from inadequate input parameter validation, allowing an attacker to craft and submit malicious commands. When these inputs are improperly verified, it may lead to the execution of arbitrary commands with root privileges, potentially compromising the integrity and security of the affected systems. It is critical for users of the ABE service to assess their exposure and apply mitigations as provided in the security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ABE Versions earlier than 4.4.0.9

References

https://www.vivo.com/en/support/security-advisory-detail?...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 17, 2024
Vulnerability Reserved
Apr 30, 2020

JSON

Vivo

What is CVE-2020-12487?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.