본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7853 | TOBESOFT XPLATFORM Out-of-Bounds Read/Write Vulnerabilities2021.03.23
□ Overview
o TOBESOFT released security update to address a Out-of-Bounds Read/Write vulnerability in XPLATFORM.
Vulnerability Type Impact Severity CVSS Score CVE ID
Out-of-Bounds Read/Write Code execution Medium 5.5 CVE-2020-7853
 
□ Description
o An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution.(CVE-2020-7853)
 
□ Affected Product
 
Product Version OS
XPLATFORM 9.2.2.250 or lower Windows

□ Solution
 o Update software over XPLATFORM 9.2.2.271 version or higher.

□ Acknowledgements
 o Thanks to Jeongun Baek for reporting these vulnerabilities.


□ 작성 : 침해사고분석단 취약점분석팀