How severe is CVE-2020-12819?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2020-12819?

This is classified as CWE-122, which is a common weakness in software security.

CVE-2020-12819 - HIGH Severity | CVSS 7.5

Vulnerability Description

A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context

Related Vulnerabilities

CVE-2017-2591

HIGH

CVSS:7.5(High)

389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. An auth...

CWE-1222017

CVE-2018-1089

HIGH

CVSS:7.5(High)

389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated atta...

CWE-1222018

CVE-2018-1123

HIGH

CVSS:7.5(High)

procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maps a guard page at the end of the overflowed buffer, ensuring that the i...

CWE-1222018

CVE-2018-14821

HIGH

CVSS:7.5(High)

Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote, unauthenticated threat actor to intentionally send a malformed CIP packet to Port 44818, causing t...

CWE-1222018

CVE-2018-18981

HIGH

CVSS:7.5(High)

In Rockwell Automation FactoryTalk Services Platform 2.90 and earlier, a remote unauthenticated attacker could send numerous crafted packets to service ports resulting in memory consumption that could...

CWE-1222018

CVE-2018-19093

HIGH

CVSS:7.5(High)

An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it require...

CWE-1222018