CVE-2020-5735
| CVE Published | 2020-04-08 |
|---|---|
| Related CWE(s) | CWE-787: Out-of-bounds Write, CWE-121: Stack-based Buffer Overflow |
| Related Vendor(s) | amcrest |
| Related Product(s) | ip8m-2597e_firmware, ipm-721_firmware, ip2m-841_firmware, ip2m-866ew_firmware, ip8m-mb2546ew_firmware, 1080-lite_8ch_firmware, ip8m-2493eb_firmware, ip2m-853ew_firmware, ip8m-2454ew_firmware, ip8m-t2499ew_firmware, ip4m-1053ew_firmware, ip2m-858w_firmware, ip8m-2496eb_firmware, ipm-hx1_firmware, ip8m-mt2544ew_firmware, amdv10814-h5_firmware, ip2m-841-v3_firmware, ip2m-866w_firmware |
| Exploitation Reported (CISA KEV) | 2021-11-03 |
| CVSS 3 Base Score | 8.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | NETWORK |
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph