Vulnerability Details : CVE-2006-2707
Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an update, which could allow remote attackers to distribute malicious updates to clients.
Exploit prediction scoring system (EPSS) score for CVE-2006-2707
Probability of exploitation activity in the next 30 days: 1.31%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 84 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-2707
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2006-2707
Products affected by CVE-2006-2707
- cpe:2.3:a:secure_elements:class_5_enterprise_vulnerability_management:2.8.0:*:*:*:*:*:*:*