Out-of-Bounds Write Vulnerability in TPEditor by Focal Point
CVE-2020-27284

7.8HIGH

Key Information:

Vendor: Deltaww
Status: Tpeditor
Vendor: CVE Published:; 26 January 2021

What is CVE-2020-27284?

TPEditor versions up to 1.98 exhibit vulnerability to out-of-bounds write issues when handling project files. An attacker could exploit this flaw by crafting a specially designed project file, leading to potential arbitrary code execution on the affected system. Users are encouraged to review configurations and apply necessary updates to mitigate risk associated with this vulnerability.

Affected Version(s)

TPEditor v1.98 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsa-21-021-02

x_refsource_MISC

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 26, 2021
Vulnerability Reserved
Oct 19, 2020

CVE-2020-27284 Data

JSON

Deltaww

What is CVE-2020-27284?

Affected Version(s)

References

CVSS V3.1

Timeline