QwikSec

Security Database

CVE

CWE

Training

CVE-2020-8995

Published: Dec 21, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe file containing several hardcoded credentials to different servers that allow remote attackers to gain access to the complete infrastructure including the website, update server, and external issue tracking tools.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FULLDISC: 20201218 Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-8995]

mailing-list

x_refsource_FULLDISC

https://packetstormsecurity.com/files/160626/Programi-Bilanc-Build-007-Release-014-31.01.2020-Hardcoded-Credentials.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.