VYPR
Unrated severityNVD Advisory· Published Jan 7, 2021· Updated Aug 4, 2024

File parsing Type Confusion Remote code execution vulerability

CVE-2020-6656

Description

Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user upload a malformed .E70 file in the application. The vulnerability arises due to improper validation of user data supplied through E70 file which is causing Type Confusion.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Eaton/EasySoftllm-fuzzy2 versions
    <v7.22+ 1 more
    • (no CPE)range: <v7.22
    • (no CPE)range: v7.xx prior to v7.22

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.