cvelist/2020/10xxx/CVE-2020-10616.json

{
    "data_type": "CVE",
    "data_format": "MITRE",
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2020-10616",
        "ASSIGNER": "ics-cert@hq.dhs.gov",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "n/a",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Opto 22 SoftPAC Project",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "SoftPAC Project Version 9.6 and prior"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "UNCONTROLLED SEARCH PATH ELEMENT CWE-427"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "name": "https://www.us-cert.gov/ics/advisories/icsa-20-135-01",
                "url": "https://www.us-cert.gov/ics/advisories/icsa-20-135-01"
            }
        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts."
            }
        ]
    }
}
"-Synchronized-Data." 2020-03-16 14:01:16 +00:00			`{`
			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"data_version": "4.0",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2020-10616",`
"-Synchronized-Data." 2020-05-14 21:01:25 +00:00			`"ASSIGNER": "ics-cert@hq.dhs.gov",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "n/a",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Opto 22 SoftPAC Project",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "SoftPAC Project Version 9.6 and prior"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "UNCONTROLLED SEARCH PATH ELEMENT CWE-427"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"refsource": "MISC",`
			`"name": "https://www.us-cert.gov/ics/advisories/icsa-20-135-01",`
			`"url": "https://www.us-cert.gov/ics/advisories/icsa-20-135-01"`
			`}`
			`]`
"-Synchronized-Data." 2020-03-16 14:01:16 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2020-05-14 21:01:25 +00:00			`"value": "Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts."`
"-Synchronized-Data." 2020-03-16 14:01:16 +00:00			`}`
			`]`
			`}`
			`}`