Sign-up

ID

VAR-202101-2031


TITLE

YKBuilder V5.1 has a binary vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-72366

DESCRIPTION

YKBuilder is a software suitable for constructing embedded integrated development. There are binary vulnerabilities in YKBuilder V5.1. Attackers can use this vulnerability to construct malformed files and cause the program to crash.

Trust: 0.6

sources: CNVD: CNVD-2020-72366

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-72366

AFFECTED PRODUCTS

vendor:zhongda youkongmodel:ykbuilder programming softwarescope:eqversion:v5.1.531

Trust: 0.6

sources: CNVD: CNVD-2020-72366

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-72366
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2020-72366
severity: MEDIUM
baseScore: 4.9
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-72366

EXTERNAL IDS

db:CNVDid:CNVD-2020-72366

Trust: 0.6

sources: CNVD: CNVD-2020-72366

SOURCES

db:CNVDid:CNVD-2020-72366

LAST UPDATE DATE

2022-05-04T09:27:50.850000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-72366date:2021-02-03T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-72366date:2021-01-15T00:00:00