How severe is CVE-2020-7487?

CVE-2020-7487 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2020-7487

9.8CRITICAL

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.

Veröffentlicht: 4/22/2020Aktualisiert: 11/21/2024

Beschreibung

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.

KI-AnalyseKI-gestützt

Betroffene Produkte

schneider-electricecostruxure_machine_expert

schneider-electricsomachine

schneider-electricsomachine_motion

schneider-electricmodicon_m218_firmware

schneider-electricmodicon_m218

schneider-electricmodicon_m241_firmware

schneider-electricmodicon_m241

schneider-electricmodicon_m251_firmware

schneider-electricmodicon_m251

schneider-electricmodicon_m258_firmware

schneider-electricmodicon_m258

Referenzen

https://www.se.com/ww/en/download/document/SEVD-2020-105-02
Vendor Advisory
https://www.se.com/ww/en/download/document/SEVD-2020-105-02
Vendor Advisory