CVE-2020-7497

2020-06-1619:13:57

CWE-22

schneider

www.cve.org

9.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

75.0%

JSON

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)which could cause arbitrary application execution when the computer starts.

CNA Affected

[
  {
    "product": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD)"
      }
    ]
  }
]

References

www.se.com/ww/en/download/document/SEVD-2020-133-04