CVE-2020-6996

🗓️ 15 Apr 2020 18:46:30Reported by icscertType

Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected by CVE-2020-6996. A stack-based buffer overflow can be triggered by a specially crafted message without authentication

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of .NET components in the communication protocol library for connecting components of ASU TP Triangle MicroWorks DNP3 Source Code Library, a control platform for managing public distribution and transmission networks of Schneider Electric Saitel DR RTU, allows a intruder to cause a service failure.	26 Jun 202300:00	–	bdu_fstec
CNVD	Triangle MicroWorks DNP3 Outstation Libraries Buffer Overflow Vulnerability	15 Apr 202000:00	–	cnvd
CVE	CVE-2020-6996	15 Apr 202018:46	–	cve
EUVD	EUVD-2020-28136	7 Oct 202500:30	–	euvd
ICS	Triangle MicroWorks DNP3 Outstation Libraries	14 Apr 202000:00	–	ics
NVD	CVE-2020-6996	15 Apr 202019:15	–	nvd
OSV	CVE-2020-6996	15 Apr 202019:15	–	osv
Prion	Stack overflow	15 Apr 202019:15	–	prion
RedhatCVE	CVE-2020-6996	22 May 202517:30	–	redhatcve

[
  {
    "product": "Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.gov/ics/advisories/icsa-20-105-02

15 Apr 2020 18:46Current

9.6High risk

Vulners AI Score9.6

EPSS0.01349

CWE-121