CVE-2020-27283
5.3 MEDIUMAn attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory loc...
Published: 2021-01-06 · Last updated: 2026-06-02
Severity and scoring
- CVSS
- 5.3 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- CWE
- CWE-404
Affected products
| Vendor | Product |
|---|---|
| redlion | crimson |
Description
An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2020-27279 — A NULL pointer deference vulnerability has been identified in the protocol converter (7.5 HIGH)
- CVE-2020-27285 — The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database with... (9.1 CRITICAL)
- CVE-2019-10996 — Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited... (7.8 HIGH)
- CVE-2019-10990 — Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, uses a hard-coded password to encrypt protecte... (6.5 MEDIUM)
- CVE-2019-10984 — Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior to release 3112.00, allow multiple vulnerabilities to be exploited... (7.8 HIGH)
Same CWE
- CVE-2026-45174 — Idira Endpoint Privilege Manager Linux Agent versions prior to 26.5 allow a local attacker to potentially compromise the agent daemon ini...
- CVE-2026-47213 — Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (6.5 MEDIUM)
- CVE-2026-11312 — A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
- CVE-2026-10802 — A vulnerability was detected in keystonejs keystone up to 20260319 (4.3 MEDIUM)
- CVE-2026-10775 — A vulnerability was determined in sgl-project SGLang up to 0.5.11 (3.6 LOW)