Arbitrary code execution through “Update Manager” Class
CVE-2020-6650

8.3HIGH

Key Information:

Vendor
Eaton
Status
Ups Companion Software
Vendor
CVE Published:
20 March 2020

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 10%

Summary

UPS companion software v1.05 & Prior is affected by ‘Eval Injection’ vulnerability. The software does not neutralize or incorrectly neutralizes code syntax before using the input in a dynamic evaluation call e.g.”eval” in “Update Manager” class when software attempts to see if there are updates available. This results in arbitrary code execution on the machine where software is installed.

Affected Version(s)

UPS Companion Software <= 1.05

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

Eaton-UPS-Companion-Exploit
Created by RavSS

References

https://www.eaton.com/content/dam/eaton/company/news-insi...
x_refsource_MISC

EPSS Score

10% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.3
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

Credit

Ravjot Singh Samra
.
CVE-2020-6650 : Arbitrary code execution through “Update Manager” Class | SecurityVulnerability.io