□ Overview
o A vulnerability in the Tobesoft XPlatform ActiveX could allow remote attacker to cause arbitrary code execution.
o A vulnerability is due to lack of proper input validation of the code execution.
Vulerability Type |
Impact |
Severity |
CVSS Score |
CVE ID |
File Download |
Code execution |
High |
7.8 |
CVE-2020-7806 |
□ Description
o Arbitrary code can be executed using method supported by XPlatform ActvieX control. (CVE-2020-7806)
□ Affected Products
Product |
Version |
PlatForm |
Xplatform |
9.2.2.250 and prior |
Window OS |
□ Solution
o Update software over 9.2.2.260 version
□ Reference site
o http://support.tobesoft.co.kr/Support/index.html
□ Acknowledgements
o Thanks to Jeongun Baek for reporting this vulerability
□ 작성 : 침해사고분석단 취약점분석팀 |