Vulnerability Details : CVE-2020-6155


CVE Name: CVE-2020-6155: Code Execution, Memory Corruption vulnerability on Pixar Openusd
Description: A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file.
Publish date: 2020-11-13T15:15Z
Last Update: 2022-05-13T20:57Z

CVSS Scores & Vulnerability Types


CVSS Score
Confidentiality ImpactHIGH
Integrity ImpactHIGH
Availability ImpactHIGH
Actack VectorLOCAL
Actack ComplexityLOW
Privileges RequiredNONE
User InteractionREQUIRED
ScopeUNCHANGED
Vulnerability Type(s)Code Execution, Memory Corruption
CWE ID787

Products Affected By CVE-2020-6155


# Vendor Product Vulnerable Versions
1 Pixar Openusd 1

Detail of Verions Affected


# Product Type Vendor Product Version
1 Application Pixar Openusd 20.05

References For CVE-2020-6155


Hyperlink Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2020-1101 Exploit, Third Party Advisory