CVE-2020-10616

UNCONTROLLED SEARCH PATH ELEMENT CWE-427
SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts.

Risk Information

  • CVE ID
  • CVE-2020-10616
  • Vendor
  • Opto22
  • Product
  • SoftPAC
  • CVSS v3
  • 6.5