Original release date: June 9, 2020
The CERT Coordination Center (CERT/CC) has released information on a vulnerability—CVE-2020-12695—affecting versions of the Universal Plug and Play (UPnP) protocol released before April 17, 2020. UPnP protocol allows networked devices to discover and connect with each other. A remote attacker could exploit this vulnerability to cause a distributed denial-of-service condition.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages vendors and internet service providers (ISPs) to review CERT/CC’s Vulnerability Note VU#339275 and implement the updated specifications provided by the Open Connectivity Framework.
This product is provided subject to this Notification and this Privacy & Use policy.
Systems Affected Microsoft Windows XP Overview Microsoft Windows XP Service Pack 2 (SP2) significantly improves…
Systems Affected The following Oracle applications are affected: Oracle Database 10g Release 1, version 10.1.0.2…
Systems Affected MIT Kerberos 5 versions prior to krb5-1.3.5 Applications that use versions of MIT…
Systems Affected Applications that process JPEG images on Microsoft Windows, including but not limited to…
Systems Affected This vulnerability affects the following Microsoft Windows operating systems by default: Microsoft Windows…
CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy,…
This website uses cookies.