PT-2017-12786 · Unity · Unity Editor

Published

2017-08-18

Updated

2017-09-13

CVE-2017-12939

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Unity Editor versions prior to 5.3.8p2 Unity Editor versions 5.4.x prior to 5.4.5p5 Unity Editor versions 5.5.x prior to 5.5.4p3 Unity Editor versions 5.6.x prior to 5.6.3p1 Unity Editor versions 2017.x prior to 2017.1.0p4

Description A Remote Code Execution issue was identified in Windows versions of Unity Editor.

Recommendations For Unity Editor versions prior to 5.3.8p2, update to version 5.3.8p2 or later. For Unity Editor versions 5.4.x prior to 5.4.5p5, update to version 5.4.5p5 or later. For Unity Editor versions 5.5.x prior to 5.5.4p3, update to version 5.5.4p3 or later. For Unity Editor versions 5.6.x prior to 5.6.3p1, update to version 5.6.3p1 or later. For Unity Editor versions 2017.x prior to 2017.1.0p4, update to version 2017.1.0p4 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-12939

Affected Products

Unity Editor

PT-2017-12786 · Unity · Unity Editor

CVE-2017-12939

Weakness Enumeration

Related Identifiers

Affected Products

References · 5