7.8
CVE-2020-7557
- EPSS 0.66%
- Veröffentlicht 19.11.2020 22:15:14
- Zuletzt bearbeitet 21.11.2024 05:37:22
- Quelle cybersecurity@se.com
- Teams Watchlist Login
- Unerledigt Login
A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Schneider-electric ≫ Interactive Graphical Scada System Version <= 14.0.0.20247
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.66% | 0.687 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.