CVE-2020-5525
Last modified
CVE-2020-5525 is a high-severity vulnerability rated 8/10 on the CVSS scale. Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.. EPSS estimates a 0.87% chance of exploitation in the next 30 days.
Description
Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.
Metrics
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Nec | Aterm Wg2600hs Firmware | <= 1.3.2 |
| Nec | Aterm Wf1200c Firmware | <= 1.2.1 |
| Nec | Aterm Wg1200cr Firmware | <= 1.2.1 |
References
- https://jpn.nec.com/security-info/secinfo/nv20-003.htmlNot Applicable, Third Party Advisory
- https://jvn.jp/en/jp/JVN49410695/index.htmlNot Applicable, Third Party Advisory
- https://jpn.nec.com/security-info/secinfo/nv20-003.htmlNot Applicable, Third Party Advisory
- https://jvn.jp/en/jp/JVN49410695/index.htmlNot Applicable, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-5525?
How severe is CVE-2020-5525?
How do I fix CVE-2020-5525?
Are you affected by CVE-2020-5525?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST