Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Vulnerability in vBulletin Connect (CVE-2020-12720)
Alerts

Vulnerability in vBulletin Connect (CVE-2020-12720)

13 May 2020

Security researchers discovered a vulnerability (CVE-2020-12720) in vBulletin Connect. CVE-2020-12720 is an improper access control issue which could be exploited without prior authentication. More details on the vulnerability will be released in June 2020.

To fix this issue, vBulletin has created and released a new security patch. Patches are available for the following versions of vBulletin Connect:

•            5.6.1 Patch Level 1

•            5.6.0 Patch Level 1

•            5.5.6 Patch Level 1

Users of vBulletin are advised to install the patch as soon as possible. Users of vBulletin 5 Connect prior to version 5.5.6 are advised to upgrade their software as soon as possible.

More information is available at

https://www.helpnetsecurity.com/2020/05/11/cve-2020-12720/

https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4440032-vbulletin-5-6-1-security-patch-level-1