7.8
CVE-2020-12525
- EPSS 0.11%
- Veröffentlicht 22.01.2021 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:59:52
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
LoginWAGO/M&M Software Deserialization of untrusted data in fdtCONTAINER component
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Emerson ≫ Rosemount Transmitter Interface Software Version-
Pepperl-fuchs ≫ Pactware Version >= 5.0 <= 5.0.5.31
Wago ≫ Dtminspector 3 Version-
Wago ≫ Fdtcontainer Application Version < 4.5
Wago ≫ Fdtcontainer Application Version >= 4.5.0 <= 4.5.20304
Wago ≫ Fdtcontainer Application Version >= 4.6.0 <= 4.6.20304
Wago ≫ Fdtcontainer Component Version < 3.5
Wago ≫ Fdtcontainer Component Version >= 3.5.0 <= 3.5.20304
Wago ≫ Fdtcontainer Component Version >= 3.6.0 <= 3.6.20304
Weidmueller ≫ Wi Manager Version <= 2.5.1
Pepperl-fuchs ≫ Io-link Master Firmware Version <= 1.5.48
Pepperl-fuchs ≫ Io-link Master 4-eip Version-
Pepperl-fuchs ≫ Io-link Master 4-pnio Version-
Pepperl-fuchs ≫ Io-link Master 8-eip Version-
Pepperl-fuchs ≫ Io-link Master 8-eip-l Version-
Pepperl-fuchs ≫ Io-link Master 8-pnio Version-
Pepperl-fuchs ≫ Io-link Master 8-pnio-l Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-eip Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-eip-p Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-eip-t Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-pnio Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-pnio-p Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-pnio-t Version-
Pepperl-fuchs ≫ Io-link Master 4-pnio Version-
Pepperl-fuchs ≫ Io-link Master 8-eip Version-
Pepperl-fuchs ≫ Io-link Master 8-eip-l Version-
Pepperl-fuchs ≫ Io-link Master 8-pnio Version-
Pepperl-fuchs ≫ Io-link Master 8-pnio-l Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-eip Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-eip-p Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-eip-t Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-pnio Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-pnio-p Version-
Pepperl-fuchs ≫ Io-link Master Dr-8-pnio-t Version-
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.11% | 0.256 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| info@cert.vde.com | 7.3 | 1.3 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
|
CWE-502 Deserialization of Untrusted Data
The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.