{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T07:22:44.243","vulnerabilities":[{"cve":{"id":"CVE-2020-7820","sourceIdentifier":"vuln@krcert.or.kr","published":"2020-07-02T13:15:10.497","lastModified":"2024-11-21T05:37:52.040","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC"},{"lang":"es","value":"Nexacro14/17 ExtCommonApiV13 Library versión 2019.9.6, contiene una vulnerabilidad que podría permitir a un atacante remoto ejecutar código arbitrario mediante el ajuste de los argumentos en la API vulnerable. Esto puede ser aprovechado para la ejecución del código mediante el reinicio de la PC de la víctima"}],"metrics":{"cvssMetricV31":[{"source":"vuln@krcert.or.kr","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"vuln@krcert.or.kr","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nexaweb:nexacro_14:*:*:*:*:*:*:*:*","versionEndExcluding":"2019.9.6","matchCriteriaId":"4E95DFB8-11DE-451A-9F7E-FE94E9F67702"},{"vulnerable":true,"criteria":"cpe:2.3:a:nexaweb:nexacro_17:*:*:*:*:*:*:*:*","versionEndExcluding":"2019.9.6","matchCriteriaId":"14D39089-6FA2-4FFA-865A-D11171BC058B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*","matchCriteriaId":"A2572D17-1DE6-457B-99CC-64AFD54487EA"}]}]}],"references":[{"url":"http://support.tobesoft.co.kr/Support/index.html","source":"vuln@krcert.or.kr","tags":["Third Party Advisory"]},{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35491","source":"vuln@krcert.or.kr","tags":["Third Party Advisory"]},{"url":"http://support.tobesoft.co.kr/Support/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35491","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}