{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-30T05:37:03.300","vulnerabilities":[{"cve":{"id":"CVE-2020-12022","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-05-08T12:15:11.363","lastModified":"2024-11-21T04:59:07.913","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed."},{"lang":"es","value":"Advantech WebAccess Node, versiones 8.4.4 y anteriores, versión 9.0.0. Se presenta una vulnerabilidad de comprobación inapropiada que podría permitir a un atacante inyectar información especialmente diseñada dentro de la memoria donde pueda ser ejecutada."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-129"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:advantech:webaccess:*:*:*:*:*:*:*:*","versionEndIncluding":"8.4.4","matchCriteriaId":"B72D5222-6513-4088-9BFC-624F962D1738"},{"vulnerable":true,"criteria":"cpe:2.3:a:advantech:webaccess:9.0.0:*:*:*:*:*:*:*","matchCriteriaId":"0CEA0906-8E5C-465F-8AB3-1CB050352A8A"}]}]}],"references":[{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-128-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-598/","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-128-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-598/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}