EUVD-2020-28110

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Heap-based Buffer Overflow found in Emerson OpenEnterprise SCADA Server versions 2.83 and 3.1 to 3.3.3

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2020-6970	27 May 202011:15	–	circl
CNVD	Emerson OpenEnterprise SCADA Server Buffer Overflow Vulnerability	19 Feb 202000:00	–	cnvd
CVE	CVE-2020-6970	19 Feb 202020:19	–	cve
Cvelist	CVE-2020-6970	19 Feb 202020:19	–	cvelist
ICS	Emerson OpenEnterprise	18 Feb 202000:00	–	ics
NVD	CVE-2020-6970	19 Feb 202021:15	–	nvd
OSV	CVE-2020-6970	19 Feb 202021:15	–	osv
Prion	Heap overflow	19 Feb 202021:15	–	prion
RedhatCVE	CVE-2020-6970	22 May 202515:41	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "bfb6e84e-07c6-38ad-a3a6-932ded5d2dc7",
        "vendor": {
          "name": "Emerson"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "38be6277-36dc-30db-ba5c-101d412afc43",
        "product": {
          "name": "OpenEnterprise"
        },
        "product_version": "3.1 through 3.3.3"
      },
      {
        "id": "8c3aeada-42e5-3025-a843-8569e6be659c",
        "product": {
          "name": "OpenEnterprise SCADA Server"
        },
        "product_version": "2.83 (if Modbus or ROC Interfaces have been installed and are in use)"
      }
    ]
  }
]

Source	Link
us-cert	www.us-cert.gov/ics/advisories/icsa-20-049-02
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.2High risk

Vulners AI Score9.2

CVSS 3.19.8

CVSS 27.5

EPSS0.0115