Unity Editor RCE (CVE-2017-12939)

Unity has identified a Remote Code Execution flaw in the Editor and is rolling out a critical security patch to remediate this issue.

The CVE id is CVE-2017-12939.

A Remote Code Execution vulnerability was identified in all Windows versions of Unity Editor, e.g., before 5.3.8p2, 5.4.x before 5.4.5p5, 5.5.x before 5.5.4p3, 5.6.x before 5.6.3p1, and 2017.x before 2017.1.0p4.

Vulnerability Details:

TBA (To Be Announced after Responsible Disclosure)

Leave a Comment