CVE-2020-5637

MEDIUM

Aterm SA3500G <3.5.9 - Code Injection

Title source: llm
STIX 2.1

Description

Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program.

References (3)

Core 3
Core References
Third Party Advisory x_refsource_misc
https://jvn.jp/en/jp/JVN55917325/index.html
Third Party Advisory x_refsource_misc
https://jvn.jp/jp/JVN55917325/index.html

Scores

CVSS v3 6.8
EPSS 0.0037
EPSS Percentile 28.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-354
Status published
Products (1)
necplatforms/aterm_sa3500g_firmware < 3.5.9
Published Dec 14, 2020
Tracked Since Feb 18, 2026