WinSCP
Security Risk Profile
30
/100
lowSecurity Risk Score
Comprehensive risk assessment based on 17 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from December 17, 2002 to present
17
Total CVEs
9
Critical+High
0
Exploited
6
Unpatched
Threat Assessment
Avg CVSS
7.8
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
6
Critical/High
Risk Level
30/100
low
Severity Distribution
Critical
7High
2Medium
8Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
1Age Distribution
Common Weaknesses (CWE)
1
Input Validation
6
2
Buffer Overflow
5
3
Weak RNG
1
4
Race Condition
1
5
Path Traversal
1
Most Affected Products
1. WinSCP WinSCP63
2. Putty PuTTY32
3. Cisco IOS32
4. Canonical Ubuntu Linux12
5. redhat Enterprise Linux Eus12
Recent Vulnerabilities
See more →CVE-2024-31497
CVSS 5.9EPSS 0%medium
Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client
4/15/2024
CVE-2023-48795
CVSS 6.0medium
OpenSSH Terrapin attack (CVE-2023-48795)
12/12/2023
CVE-2021-3331
CVSS 10.0critical
1/27/2021
CVE-2020-28864
CVSS 9.8critical
11/23/2020🔧 No Patch
CVE-2019-6110
CVSS 6.8medium
1/31/2019
CVE-2019-6111
CVSS 5.9medium
1/15/2019
CVE-2018-20684
CVSS 7.5high
1/10/2019
CVE-2018-20685
CVSS 5.3medium
1/10/2019
CVE-2019-6109
CVSS 6.8medium
7/23/2015
CVE-2014-2735
CVSS 5.8medium
4/21/2014🔧 No Patch
Monitor WinSCP in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.