CVE-2020-18494
CVSS 3.1 Score 8.8 of 10 (high)
Details
Summary
CVE-2020-18494 is a buffer overflow vulnerability affecting the H5S_close function in HDF5 1.10.4 library. An attacker can exploit this issue by creating a specially crafted file and sending it to the target, resulting in arbitrary code execution upon processing the file. This vulnerability poses a significant security risk as it can be exploited remotely. The impact includes potential data breaches, unauthorized system access, and malware installation. Users are advised to upgrade to the latest version of HDF5 or apply the relevant patches to mitigate this issue.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- HDF Group