o TOBESOFT Co,Ltd released security update to address remote command execution vulnerability in MiPlatform.
||Remote Comand Execution
o A Vulnerability exists that could be allow the execution of operating system commands on system running MiPlatform. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform. (CVE-2020-7825)
□ Affected Product
(320, 320U, 330, 330U)
o Update software over MiPlatform 2019.05.16 version or higher.
o Thanks to Jeongun Baek for reporthing this vulnerability
□ 작성 : 침해사고분석단 취약점분석팀