realtimelogic CVE Vulnerabilities & Metrics

Focus on realtimelogic vulnerabilities and metrics.

Last updated: 16 Jan 2026, 23:25 UTC

About realtimelogic Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with realtimelogic. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total realtimelogic CVEs: 3
Earliest CVE date: 21 May 2014, 14:55 UTC
Latest CVE date: 22 Dec 2025, 20:15 UTC

Latest CVE reference: CVE-2025-65790

Rolling Stats

30-day Count (Rolling): 1
365-day Count (Rolling): 1

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical realtimelogic CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 2.88

Max CVSS: 7.2

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	2
4.0-6.9	1
7.0-8.9	1
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS realtimelogic CVEs

These are the five CVEs with the highest CVSS scores for realtimelogic, sorted by severity first and recency.

CVE-2020-23834 realtimelogic Published on 04 Sep 2020, 04:15 UTC (CVSS: 7.2)
Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.
CVE-2014-3808 realtimelogic Published on 21 May 2014, 14:55 UTC (CVSS: 4.3)
Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name parameter to user.lsp, (3) path parameter to wizard/setuser.lsp, (4) host parameter to tunnelconstr.lsp, or (5) newpath parameter to wfsconstr.lsp in rtl/protected/admin/.
CVE-2025-65790 realtimelogic Published on 22 Dec 2025, 20:15 UTC (CVSS: 0)
A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline <script> element, the browser executes the attacker-controlled JavaScript.
CVE-2023-24078 realtimelogic Published on 17 Feb 2023, 07:15 UTC (CVSS: 0)
Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.

All CVEs for realtimelogic

CVE-2025-65790 realtimelogic vulnerability CVSS: 0 22 Dec 2025, 20:15 UTC

A reflected cross-site scripting (XSS) vulnerability exists in FuguHub 8.1 when serving SVG files through the /fs/ file manager interface. FuguHub does not sanitize or restrict script execution inside SVG content. When a victim opens a crafted SVG containing an inline <script> element, the browser executes the attacker-controlled JavaScript.

CVE-2023-24078 realtimelogic vulnerability CVSS: 0 17 Feb 2023, 07:15 UTC

Real Time Logic FuguHub v8.1 and earlier was discovered to contain a remote code execution (RCE) vulnerability via the component /FuguHub/cmsdocs/.

CVE-2020-23834 realtimelogic vulnerability CVSS: 7.2 04 Sep 2020, 04:15 UTC

Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.

CVE-2014-3808 realtimelogic vulnerability CVSS: 4.3 21 May 2014, 14:55 UTC

Multiple cross-site scripting (XSS) vulnerabilities in BarracudaDrive before 6.7.2 allow remote attackers to inject arbitrary web script or HTML via the (1) role parameter to roles.lsp, (2) name parameter to user.lsp, (3) path parameter to wizard/setuser.lsp, (4) host parameter to tunnelconstr.lsp, or (5) newpath parameter to wfsconstr.lsp in rtl/protected/admin/.