How severe is CVE-2020-20250?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2020-20250?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2020-20250 - MEDIUM Severity | CVSS 6.5

Vulnerability Description

Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference.

Related Vulnerabilities

CVE-2011-1802

MEDIUM

CVSS:6.5(Medium)

WebKit in Google Chrome before Blink M11 and M12 does not properly handle counter nodes, which allows remote attackers to cause a denial of service (memory corruption).

CWE-4762011

CVE-2011-2691

MEDIUM

CVSS:6.5(Medium)

The png_err function in pngerror.c in libpng 1.0.x before 1.0.55, 1.2.x before 1.2.45, 1.4.x before 1.4.8, and 1.5.x before 1.5.4 makes a function call using a NULL pointer argument instead of an empt...

CWE-4762011

CVE-2015-8272

MEDIUM

CVSS:6.5(Medium)

RTMPDump 2.4 allows remote attackers to trigger a denial of service (NULL pointer dereference and process crash).

CWE-4762015

CVE-2015-8750

MEDIUM

CVSS:6.5(Medium)

libdwarf 20151114 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a debug_abbrev section marked NOBITS in an ELF file.

CWE-4762015

CVE-2015-8916

MEDIUM

CVSS:6.5(Medium)

bsdtar in libarchive before 3.2.0 returns a success code without filling the entry when the header is a "split file in multivolume RAR," which allows remote attackers to cause a denial of service (NUL...

CWE-4762015

CVE-2016-10505

MEDIUM

CVSS:6.5(Medium)

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in ...

CWE-4762016