6.5
CVE-2020-7052
- EPSS 0.76%
- Veröffentlicht 24.01.2020 20:15:10
- Zuletzt bearbeitet 21.11.2024 05:36:34
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Codesys ≫ Control For Beaglebone Version < 3.5.15.30
Codesys ≫ Control For Empc-a/imx6 Version < 3.5.15.30
Codesys ≫ Control For Iot2000 Version < 3.5.15.30
Codesys ≫ Control For Linux Version < 3.5.15.30
Codesys ≫ Control For Pfc100 Version < 3.5.15.30
Codesys ≫ Control For Pfc200 Version < 3.5.15.30
Codesys ≫ Control For Plcnext Version < 3.5.15.30
Codesys ≫ Control For Raspberry Pi Version < 3.5.15.30
Codesys ≫ Control Rte Version >= 3.5.8.60 < 3.5.15.30
Codesys ≫ Control Rte SwPlatformbeckhoff_cx Version >= 3.5.8.60 < 3.5.15.30
Codesys ≫ Control Runtime System Toolkit Version >= 3.0 < 3.5.15.30
Codesys ≫ Control Win Version >= 3.5.9.80 < 3.5.15.30
Codesys ≫ Safety Sil2 Version >= 3.0 < 3.5.15.30
Codesys ≫ Simulation Runtime Version >= 3.5.9.40 < 3.5.15.30
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.76% | 0.722 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
CWE-770 Allocation of Resources Without Limits or Throttling
The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.