Vulnerability Description
Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Safensoft | Softcontrol Enterprise Suite | < 4.4.12 |
| Safensoft | Softcontrol Syswatch | < 4.4.12 |
| Safensoft | Softcontrol Tpsecure | < 4.4.12 |
Related Weaknesses (CWE)
References
- http://www.safensoft.com/security.phtml?c=865#SNSVE-2018-5Vendor Advisory
- http://www.safensoft.com/security.phtml?c=865#SNSVE-2018-5Vendor Advisory
FAQ
What is CVE-2018-13012?
CVE-2018-13012 is a vulnerability with a CVSS score of 8.1 (HIGH). Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before...
How severe is CVE-2018-13012?
CVE-2018-13012 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-13012?
Check the references section above for vendor advisories and patch information. Affected products include: Safensoft Softcontrol Enterprise Suite, Safensoft Softcontrol Syswatch, Safensoft Softcontrol Tpsecure.