Security Alert: Alert Regarding Vulnerability (CVE-2020-5617) in SKYSEA Client View

Alert Regarding Vulnerability (CVE-2020-5617) in SKYSEA Client View

last update: 2020-08-03

        <div class="contents_container">
            <article class=""><div class="at">

JPCERT-AT-2020-0031
JPCERT/CC
2020-08-03

I. Overview

Sky Co., LTD. published information about a vulnerability in SKYSEA Client View (CVE-2020-5617). An attacker who can login to a client PC where SKYSEA Client View is installed may be able to execute arbitrary code with system privileges on the PC by leveraging the vulnerability.

As for the details of the vulnerability, please refer to the following URL.

Sky Co., LTD.
[Important] Privilege escalation vulnerability (CVE-2020-5617) (JAPANESE)
https://www.skygroup.jp/security-info/200803.html

JVN#25422698
SKYSEA Client View vulnerable to privilege escalation
https://jvn.jp/en/jp/JVN25422698/

II. Affected Products

Affected products and versions are as follows:

– SKYSEA Client View Versions from Ver.12.200.12n to 15.210.05f

III. Solution

Affected users are recommended to apply the module provided by Sky Co., LTD. that addressed the vulnerability.

Sky Co., LTD.
Website for contracted users (JAPANESE)
https://sp.skyseaclientview.net/topics/detail_2092.html
* Requires User ID and password for login

IV. References

Sky Co., LTD.
[Important] Privilege escalation vulnerability (CVE-2020-5617) (JAPANESE)
https://www.skygroup.jp/security-info/200803.html

Sky Co., LTD.
FAQ regarding the vulnerability (CVE-2020-5617) (JAPANESE)
https://sp.skyseaclientview.net/faq/detail_875.html
* Requires User ID and password for login

JVN#25422698
SKYSEA Client View vulnerable to privilege escalation
https://jvn.jp/en/jp/JVN25422698/

If you have any information regarding this alert, please contact JPCERT/CC.

JPCERT Coordination Center (Early Warning Group)
MAIL: ew-info@jpcert.or.jp
https://www.jpcert.or.jp/english/

<

p class=”pg_top”>Top

            </article>

Was this helpful?

Yes
No

Add comment:

Please use this form to send us your feedback. For more information on the individual products, please contact the developers.

To provide feedback, please enable JavaScript.

Thank you.
To report an incident, please click here.

<< Previous
Next >>

        </div>

Read More

https://www.malwaredevil.com/2020/08/03/security-alert-alert-regarding-vulnerability-cve-2020-5617-in-skysea-client-view/?utm_source=rss&utm_medium=rss&utm_campaign=security-alert-alert-regarding-vulnerability-cve-2020-5617-in-skysea-client-view