CVE-2020-18494

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 22, 2023
Updated: Aug 25, 2023
CWE ID 787

Summary

CVE-2020-18494 is a buffer overflow vulnerability affecting the H5S_close function in HDF5 1.10.4 library. An attacker can exploit this issue by creating a specially crafted file and sending it to the target, resulting in arbitrary code execution upon processing the file. This vulnerability poses a significant security risk as it can be exploited remotely. The impact includes potential data breaches, unauthorized system access, and malware installation. Users are advised to upgrade to the latest version of HDF5 or apply the relevant patches to mitigate this issue.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share