CVE-2020-7562

2020-11-1813:54:32

CWE-125

schneider

www.cve.org

8.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.6%

JSON

A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP.

CNA Affected

[
  {
    "product": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)"
      }
    ]
  }
]

References

www.se.com/ww/en/download/document/SEVD-2020-315-01/