CVE-2020-7846

Summary

Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.

Affected Software

VendorProductVersion RangeStatus
CnestyHelpcom< 10.0affected

Weaknesses

  • CWE-321: CWE-321 Use of Hard-coded Cryptographic Key

ADP Enrichment

CVE Program Container

Additional References

References