Code injection

2020-02-0516:15:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.6%

JSON

It is possible to unmask credentials and other sensitive information on “unprotected” project files, which may allow an attacker to remotely access the C-More Touch Panels EA9 series: firmware versions prior to 6.53 and manipulate system configurations.

CPENameOperatorVersion
c-more_ea9-rhi_firmwarelt6.53
c-more_ea9-t10cl_firmwarelt6.53
c-more_ea9-t10wcl_firmwarelt6.53
c-more_ea9-t12cl_firmwarelt6.53
c-more_ea9-t15cl-r_firmwarelt6.53
c-more_ea9-t15cl_firmwarelt6.53
c-more_ea9-t6cl-r_firmwarelt6.53
c-more_ea9-t6cl_firmwarelt6.53
c-more_ea9-t7cl-r_firmwarelt6.53
c-more_ea9-t7cl_firmwarelt6.53

Name	Operator	Version
c-more_ea9-rhi_firmware	lt	6.53
c-more_ea9-t10cl_firmware	lt	6.53
c-more_ea9-t10wcl_firmware	lt	6.53
c-more_ea9-t12cl_firmware	lt	6.53
c-more_ea9-t15cl-r_firmware	lt	6.53
c-more_ea9-t15cl_firmware	lt	6.53
c-more_ea9-t6cl-r_firmware	lt	6.53
c-more_ea9-t6cl_firmware	lt	6.53
c-more_ea9-t7cl-r_firmware	lt	6.53
c-more_ea9-t7cl_firmware	lt	6.53

Rows per page:

1-10 of 111

References

www.us-cert.gov/ics/advisories/icsa-20-035-01