ID
VAR-202108-0011
CVE
CVE-2020-15744
TITLE
Victure PC420 Out-of-bounds write vulnerabilities in smart cameras
Trust: 0.8
sources:
JVNDB: JVNDB-2021-011185
DESCRIPTION
Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an attacker to execute remote code on the target device. This issue affects: Victure PC420 firmware version 1.2.2 and prior versions. Victure PC420 Smart cameras are vulnerable to out-of-bounds writes.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.71
sources:
NVD: CVE-2020-15744 //
JVNDB: JVNDB-2021-011185 //
VULMON: CVE-2020-15744
IOT TAXONOMY
| category: | ['camera device'] | sub_category: | camera | Trust: 0.1 |
sources:
OTHER: None
AFFECTED PRODUCTS
| vendor: | govicture | model: | pc420 | scope: | lte | version: | 1.2.2 | Trust: 1.0 |
| vendor: | victure | model: | pc420 | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | victure | model: | pc420 | scope: | lte | version: | pc420 firmware 1.2.2 and earlier | Trust: 0.8 |
sources:
JVNDB: JVNDB-2021-011185 //
NVD: CVE-2020-15744
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
VULMON: CVE-2020-15744 //
JVNDB: JVNDB-2021-011185 //
CNNVD: CNNVD-202108-2688 //
NVD: CVE-2020-15744 //
NVD: CVE-2020-15744
PROBLEMTYPE DATA
| problemtype: | CWE-121 | Trust: 1.0 |
| problemtype: | CWE-787 | Trust: 1.0 |
| problemtype: | Out-of-bounds writing (CWE-787) [NVD evaluation ] | Trust: 0.8 |
sources:
JVNDB: JVNDB-2021-011185 //
NVD: CVE-2020-15744
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202108-2688
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202108-2688
PATCH
| title: | top page | url: | https://jp.govicture.com/ | Trust: 0.8 |
| title: | CVE-2020-15744 | url: | https://github.com/AlAIAL90/CVE-2020-15744 | Trust: 0.1 |
sources:
VULMON: CVE-2020-15744 //
JVNDB: JVNDB-2021-011185
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-15744 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2021-011185 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202108-2688 | Trust: 0.6 |
| db: | OTHER | id: | NONE | Trust: 0.1 |
| db: | VULMON | id: | CVE-2020-15744 | Trust: 0.1 |
sources:
OTHER: None //
VULMON: CVE-2020-15744 //
JVNDB: JVNDB-2021-011185 //
CNNVD: CNNVD-202108-2688 //
NVD: CVE-2020-15744
REFERENCES
| url: | https://www.bitdefender.com/blog/labs/cracking-the-victure-pc420-camera | Trust: 2.5 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-15744 | Trust: 0.8 |
| url: | https://ieeexplore.ieee.org/abstract/document/10769424 | Trust: 0.1 |
| url: | https://cwe.mitre.org/data/definitions/787.html | Trust: 0.1 |
| url: | https://github.com/alaial90/cve-2020-15744 | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
OTHER: None //
VULMON: CVE-2020-15744 //
JVNDB: JVNDB-2021-011185 //
CNNVD: CNNVD-202108-2688 //
NVD: CVE-2020-15744
SOURCES
| db: | OTHER | id: | - |
| db: | VULMON | id: | CVE-2020-15744 |
| db: | JVNDB | id: | JVNDB-2021-011185 |
| db: | CNNVD | id: | CNNVD-202108-2688 |
| db: | NVD | id: | CVE-2020-15744 |
LAST UPDATE DATE
2025-01-30T20:33:15.878000+00:00
SOURCES UPDATE DATE
| db: | VULMON | id: | CVE-2020-15744 | date: | 2021-09-03T00:00:00 |
| db: | JVNDB | id: | JVNDB-2021-011185 | date: | 2022-07-22T07:21:00 |
| db: | CNNVD | id: | CNNVD-202108-2688 | date: | 2021-09-06T00:00:00 |
| db: | NVD | id: | CVE-2020-15744 | date: | 2021-09-03T17:30:14.930 |
SOURCES RELEASE DATE
| db: | VULMON | id: | CVE-2020-15744 | date: | 2021-08-30T00:00:00 |
| db: | JVNDB | id: | JVNDB-2021-011185 | date: | 2022-07-22T00:00:00 |
| db: | CNNVD | id: | CNNVD-202108-2688 | date: | 2021-08-30T00:00:00 |
| db: | NVD | id: | CVE-2020-15744 | date: | 2021-08-30T10:15:15.717 |