Vulnerability Description
Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier allows authenticated attackers to execute arbitrary code with the SYSTEM privilege on the computer where PALLET CONTROL is installed via unspecified vectors. PalletControl 7 to 9.1 are not affected by this vulnerability, however under the environment where PLS Management Add-on Module is used, all versions are affected.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jalinfotec | Pallet Control | <= 6.3 |
References
- https://jvn.jp/en/jp/JVN61849442/index.htmlThird Party Advisory
- https://www.jalinfotec.co.jp/product/pallet/support/Info/notices.htmlVendor Advisory
- https://jvn.jp/en/jp/JVN61849442/index.htmlThird Party Advisory
- https://www.jalinfotec.co.jp/product/pallet/support/Info/notices.htmlVendor Advisory
FAQ
What is CVE-2020-5538?
CVE-2020-5538 is a vulnerability with a CVSS score of 7.8 (HIGH). Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier allows authenticated attackers to execute arbitrary code with the SYSTEM privilege on the computer where PALLET CONTROL is installed via ...
How severe is CVE-2020-5538?
CVE-2020-5538 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-5538?
Check the references section above for vendor advisories and patch information. Affected products include: Jalinfotec Pallet Control.