Lucene search

[email protected]NVD:CVE-2020-7537

HistoryDec 11, 2020 - 1:15 a.m.

CVE-2020-7537

2020-12-1101:15:12

CWE-754

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

42.6%

JSON

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.

Affected configurations

NVD

Node

schneider-electricmodicon_m580_bmep584040_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep584040Match-

Node

schneider-electricmodicon_m580_bmep582040_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep582040Match-

Node

schneider-electricmodicon_m580_bmep586040_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep586040Match-

Node

schneider-electricmodicon_m580_bmep585040_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep585040Match-

Node

schneider-electricmodicon_m580_bmep582020_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep582020Match-

Node

schneider-electricmodicon_m580_bmep581020_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep581020Match-

Node

schneider-electricmodicon_m580_bmep584020_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep584020Match-

Node

schneider-electricmodicon_m580_bmep583040_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep583040Match-

Node

schneider-electricmodicon_m580_bmep583020_firmwareRange<3.20

AND

schneider-electricmodicon_m580_bmep583020Match-

Node

schneider-electricmodicon_m340_bmxp341000_firmwareRange<3.30

AND

schneider-electricmodicon_m340_bmxp341000Match-

Node

schneider-electricmodicon_m340_bmxp342000_firmwareRange<3.30

AND

schneider-electricmodicon_m340_bmxp342000Match-

Node

schneider-electricmodicon_m340_bmxp3420102_firmwareRange<3.30

AND

schneider-electricmodicon_m340_bmxp3420102Match-

Node

schneider-electricmodicon_m340_bmxp3420102cl_firmwareRange<3.30

AND

schneider-electricmodicon_m340_bmxp3420102clMatch-

Node

schneider-electricmodicon_m340_bmxp342020_firmwareRange<3.30

AND

schneider-electricmodicon_m340_bmxp342020Match-

Node

schneider-electricmodicon_m340_bmxp3420302_firmwareRange<3.30

AND

schneider-electricmodicon_m340_bmxp3420302Match-

Node

schneider-electricmodicon_m340_bmxp3420302cl_firmwareRange<3.30

AND

schneider-electricmodicon_m340_bmxp3420302clMatch-

Node

schneider-electrictsxp574634_firmware

AND

schneider-electrictsxp574634Match-

Node

schneider-electrictsxp575634_firmware

AND

schneider-electrictsxp575634Match-

Node

schneider-electrictsxp576634_firmware

AND

schneider-electrictsxp576634Match-

References

www.se.com/ww/en/download/document/SEVD-2020-343-08/

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

42.6%

JSON

Related for NVD:CVE-2020-7537

prion1 nessus1 cvelist1 cve1