Code Emission Vulnerability in Unisys ALGOL Compiler
CVE-2020-12647

8.8HIGH

Key Information:

Vendor: Unisys
Status: Algol Compiler
Vendor: CVE Published:; 21 May 2020

What is CVE-2020-12647?

The Unisys ALGOL Compiler versions 58.1 (prior to 58.1a.15), 59.1 (prior to 59.1a.9), and 60.0 (prior to 60.0a.5) are susceptible to a vulnerability that can generate invalid code sequences in rare circumstances linked to syntax errors. This malfunction could lead to unexpected system faults, potentially compromising the confidentiality, integrity, and availability of the system reliant on the compiler. Users are encouraged to evaluate their use of affected versions and consider necessary updates.

References

https://public.support.unisys.com/common/public/vulnerabi...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 21, 2020
Vulnerability Reserved
May 4, 2020

CVE-2020-12647 Data

JSON