| TVN ID | TVN-201910004 |
|---|---|
| CVE ID | CVE-2020-3924 |
| CVSS | 6.8 (Medium) CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H |
| Affected Products | TONNET DVR prior to ver. 20191216 in TAT-76 series TONNET DVR prior to ver. 20200213 in TAT-77 series |
| Description | DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, do not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system. |
| Solution | Update to ver. 20191216 in TAT-76 series Update to ver. 20200213 in TAT-77 series |
| Credit | Weber Tsai (CHT Security) |
| Public Date | 2020-02-21 |
:::