Vulnerability Description
Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. This issue affects: Secomea GateManager all versions prior to 9.4.621054022
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Secomea | Gatemanager 8250 Firmware | < 9.4.621054022 |
| Secomea | Gatemanager 8250 | - |
Related Weaknesses (CWE)
References
- https://www.secomea.com/support/cybersecurity-advisory/#3737Vendor Advisory
- https://www.tenable.com/security/research/tra-2021-06Third Party Advisory
- https://www.secomea.com/support/cybersecurity-advisory/#3737Vendor Advisory
- https://www.tenable.com/security/research/tra-2021-06Third Party Advisory
FAQ
What is CVE-2020-29032?
CVE-2020-29032 is a vulnerability with a CVSS score of 8.4 (HIGH). Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. This issue affects: Secomea GateManag...
How severe is CVE-2020-29032?
CVE-2020-29032 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-29032?
Check the references section above for vendor advisories and patch information. Affected products include: Secomea Gatemanager 8250 Firmware, Secomea Gatemanager 8250.