Arbitrary Code Execution via Registry Path Modification in Nexacro14/17 ExtCommonApiV13 Library (2019.9.6)

Arbitrary Code Execution via Registry Path Modification in Nexacro14/17 ExtCommonApiV13 Library (2019.9.6)

CVE-2020-7821 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC

Learn more about our Api Penetration Testing.