본문내용 바로가기 메인메뉴 바로가기 푸터 바로가기

Security Advisory

CVE-2020-7868 | Helpu remote code execution vulnerability2021.06.21
□ Overview
 o helpu released security update to address remote code execution through improper validation of parameter vulnerability in helpu. (remote administration tool)
Vulnerability Type Impact Severity CVSS CVE ID
improper neutralization of parameter remote code execution critical 9.6 CVE-2020-7868
 
□ Description
 o A remote code execution vulnerability exists in helpUX(remote administration tool) due to improper validation or parameter of ShellExecutionExA function used for login.(CVE-2020-7868)

□ Affected Products
Product Version OS
HelpUX 2020.6.27.1 Windows
 
□ Solution
 o Update software over HelpUX 2020.11.20.0 version or higher.

□ Acknowledgements
 o Thanks to Eunsol Lee for reporting this vulnerability.
 
□ Reference site
 [1] https://helpu.co.kr/customer/download.html


□ 작성 : 침해사고분석단 취약점분석팀