6.5
CVE-2020-7052
- EPSS 0.76%
- Published 24.01.2020 20:15:10
- Last modified 21.11.2024 05:36:34
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.
Data is provided by the National Vulnerability Database (NVD)
Codesys ≫ Control For Beaglebone Version < 3.5.15.30
Codesys ≫ Control For Empc-a/imx6 Version < 3.5.15.30
Codesys ≫ Control For Iot2000 Version < 3.5.15.30
Codesys ≫ Control For Linux Version < 3.5.15.30
Codesys ≫ Control For Pfc100 Version < 3.5.15.30
Codesys ≫ Control For Pfc200 Version < 3.5.15.30
Codesys ≫ Control For Plcnext Version < 3.5.15.30
Codesys ≫ Control For Raspberry Pi Version < 3.5.15.30
Codesys ≫ Control Rte Version >= 3.5.8.60 < 3.5.15.30
Codesys ≫ Control Rte SwPlatformbeckhoff_cx Version >= 3.5.8.60 < 3.5.15.30
Codesys ≫ Control Runtime System Toolkit Version >= 3.0 < 3.5.15.30
Codesys ≫ Control Win Version >= 3.5.9.80 < 3.5.15.30
Codesys ≫ Safety Sil2 Version >= 3.0 < 3.5.15.30
Codesys ≫ Simulation Runtime Version >= 3.5.9.40 < 3.5.15.30
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.76% | 0.722 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.