Attacker Value
Very Low
(1 user assessed)
Exploitability
Unknown
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
1

CVE-2020-12440

Disclosure Date: May 14, 2020
CVE-2020-12440
Exploited in the Wild
Reported by vickiuu-ly
View Source Details
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

Add Assessment

2
Ratings
  • Attacker Value
    Very Low
Technical Analysis

At the very least I’d debate the legitimacy of this exploit given reports like https://twitter.com/albinowax/status/1263068436298633216 and https://nvd.nist.gov/vuln/detail/CVE-2020-12440 which suggest this CVE was withdrawn due to it not actually being a valid bug. I’m not sure why this was exploited in the wild as well as I see no evidence of this having been the case minus a light PoC whose validity is disputed (again probably also why this CVE was later revoked as not a security vulnerability).

Log in to Add Reply
CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Exploited in the Wild

Reported by:

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis