Versio.io

CVE-2020-7560

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 11-12-2020 02:15
Last modified: - 31-01-2022 08:33
Total changes: - 3

Description

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxureâ„¢ Control Expert (all versions) and Unity Pro (former name of EcoStruxureâ„¢ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxureâ„¢ Control Expert software.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Low
Attack complexity
Local
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Changed
Scope
Required
User interaction
8.6
Base score
1.8
6.0
Exploitability score
Impact score
 

Verification logic

OR
vendor=schneider-electric AND product=ecostruxure_control_expert
vendor=schneider-electric AND product=unity_pro
 

Reference

 


Keywords

NVD

 

CVE-2020-7560

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.