CVE-2020-23621 - SVI MS Java Remote Management Interface
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Vulnerable Product Version: SVI MS Management System - All versions | |
| Vendor: https://www.squire-technologies.co.uk/ | |
| Vulnerability Type: CWE-502 - Deserialization of Untrusted Data | |
| Description: The Java Remote Management Interface of all versions of SVI MS | |
| Management System was discovered to contain a vulnerability due to | |
| insecure deserialization of user-supplied content, which can allow | |
| attackers to execute arbitrary code via a crafted serialized Java | |
| object. | |
| Discovered by: | |
| Omri Inbar, Shlomo Ben Yosef, Tal Sheinfeld |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment