CVE-2020-13581

In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability.

Summary:

Reference Links(if available):

https://talosintelligence.com/vulnerability_reports/TALOS-2020-1192

CVSS Score (if available)

v2: / MEDIUM

v3: /

Links to Exploits(if available)

Tags: CVE, CVE-2020-13581, exploit, MISC, vulnerability

CVE-2020-13581

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/

CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

CACTUS Ransomware Victim: https://www[.]saglobal[.]com/

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

CACTUS Ransomware Victim: https://www[.]ebir[.]com/

CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

CACTUS Ransomware Victim: https://www[.]saglobal[.]com/