CVE-2020-12484

Published: Dic 17, 2024 Last Modified: Dic 17, 2024 EU-VD ID: EUVD-2020-4786 Aliases: GSD-2020-12484

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,4

Source: [email protected]

Attack Vector: adjacent_network

Attack Complexity: high

Privileges Required: none

User Interaction: required

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: none

Description

AI Translation Available

When using special mode to connect to enterprise wifi, certain options are not properly configured and attackers can pretend to be enterprise wifi through a carefully constructed wifi with the same name, which can lead to man-in-the-middle attacks.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0003

Percentile

0,1th

Updated

EPSS Score Trend (Last 91 Days)

306

Missing Authentication for Critical Function

Draft

Abstraction: Base Structure: Simple

Common Consequences

Security Scopes Affected:

Access Control Other

Potential Impacts:

Gain Privileges Or Assume Identity Varies By Context

Applicable Platforms

Technologies: Cloud Computing, ICS/OT

Likelihood of Exploit: High

View CWE Details

https://www.vivo.com/en/support/security-advisory-detail?id…

https://www.vivo.com/en/support/security-advisory-detail?id=3

CVE-2020-12484

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 91 Days)

Missing Authentication for Critical Function

Common Consequences

Applicable Platforms

Iscriviti alla newsletter