{"vulnerability": "CVE-2020-1163", "sightings": [{"uuid": "bc3447d8-6680-4348-9e4c-520a16b5eb45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11639", "type": "seen", "source": "https://t.me/cvedetector/1524", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2020-11639 - Advant MOD 300 AdvaBuild Denial-of-Service and Data Tampering vulnerability\", \n  \"Content\": \"CVE ID : CVE-2020-11639 \nPublished : July 23, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : An attacker could exploit the vulnerability by  \ninjecting garbage data or specially crafted data. Depending on the data injected each process might be  \naffected differently. The process could crash or cause communication issues on the affected node, effectively causing a denial-of-service attack. The attacker could tamper with the data transmitted, causing  \nthe product to store wrong information or act on wrong data or display wrong information.  \n  \n  \nThis issue affects Advant MOD 300 AdvaBuild: from 3.0 through 3.7 SP2.  \n  \n  \n  \n  \nFor an attack to be successful, the attacker must have local access to a node in the system and be able to  \nstart a specially crafted application that disrupts the communication.  \nAn attacker who successfully exploited the vulnerability would be able to manipulate the data in such  \nway as allowing reads and writes to the controllers or cause Windows processes in 800xA for MOD 300  \nand AdvaBuild to crash. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T20:34:59.000000Z"}, {"uuid": "a15dd297-2ef1-45e1-99aa-ba1370f7c0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11635", "type": "seen", "source": "https://t.me/cibsecurity/23677", "content": "\u203c CVE-2020-11635 \u203c\n\nThe Zscaler Client Connector prior to 3.1.0 did not sufficiently validate RPC clients, which allows a local adversary to execute code with system privileges or perform limited actions for which they did not have privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-16T22:48:07.000000Z"}]}