Vulnerability Description
OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
CVSS Score
8.8
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Plathome | Openblocks Iot Vx2 Firmware | >= 3.3.0, < 4.0.0 |
| Plathome | Openblocks Iot Vx2 | - |
Related Weaknesses (CWE)
References
- https://jvn.jp/en/jp/JVN19666251/index.htmlThird Party Advisory
- https://www.plathome.co.jp/software/vx2-v4-0-0/Vendor Advisory
- https://jvn.jp/en/jp/JVN19666251/index.htmlThird Party Advisory
- https://www.plathome.co.jp/software/vx2-v4-0-0/Vendor Advisory
FAQ
What is CVE-2020-5535?
CVE-2020-5535 is a vulnerability with a CVSS score of 8.8 (HIGH). OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
How severe is CVE-2020-5535?
CVE-2020-5535 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5535?
Check the references section above for vendor advisories and patch information. Affected products include: Plathome Openblocks Iot Vx2 Firmware, Plathome Openblocks Iot Vx2.