diff --git a/2020/5xxx/CVE-2020-5957.json b/2020/5xxx/CVE-2020-5957.json index 82c9495cf0b..119361473c0 100644 --- a/2020/5xxx/CVE-2020-5957.json +++ b/2020/5xxx/CVE-2020-5957.json @@ -1,60 +1,62 @@ { - "CVE_data_meta" : { - "ASSIGNER" : "psirt@nvidia.com", - "ID" : "CVE-2020-5957", - "STATE" : "PUBLIC" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "NVIDIA GPU Display Driver", - "version" : { - "version_data" : [ - { - "version_value" : "ALL" - } - ] - } - } - ] - }, - "vendor_name" : "NVIDIA" - } - ] - } - }, - "data_format" : "MITRE", - "data_type" : "CVE", - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges." - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "denial of service or escalation of privileges." - } - ] - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://nvidia.custhelp.com/app/answers/detail/a_id/4996" - } - ] - } -} + "CVE_data_meta": { + "ASSIGNER": "psirt@nvidia.com", + "ID": "CVE-2020-5957", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "NVIDIA GPU Display Driver", + "version": { + "version_data": [ + { + "version_value": "ALL" + } + ] + } + } + ] + }, + "vendor_name": "NVIDIA" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "denial of service or escalation of privileges." + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996", + "refsource": "MISC", + "name": "https://nvidia.custhelp.com/app/answers/detail/a_id/4996" + } + ] + } +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6971.json b/2020/6xxx/CVE-2020-6971.json index d2f712f67c0..f2f44939036 100644 --- a/2020/6xxx/CVE-2020-6971.json +++ b/2020/6xxx/CVE-2020-6971.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6971", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Emerson ValveLink", + "version": { + "version_data": [ + { + "version_value": "v12.0.264 to v13.4.118" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "IMPROPER ACCESS CONTROL CWE-284" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-063-01", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-063-01" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters." } ] } diff --git a/2020/6xxx/CVE-2020-6986.json b/2020/6xxx/CVE-2020-6986.json index 1ff9d0ccf1b..f55440e45fc 100644 --- a/2020/6xxx/CVE-2020-6986.json +++ b/2020/6xxx/CVE-2020-6986.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-6986", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "ics-cert@hq.dhs.gov", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Omron PLC CJ Series", + "version": { + "version_data": [ + { + "version_value": "all versions" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "UNCONTROLLED RESOURCE CONSUMPTION CWE-400" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.us-cert.gov/ics/advisories/icsa-20-063-03", + "url": "https://www.us-cert.gov/ics/advisories/icsa-20-063-03" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result." } ] }