CRITICAL🇬🇧 English

CVE-2020-6970

CVSS 9.8v3.1pub. 2020-02-19upd. 2024-11-21

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Emerson Openenterprise Scada Server

    APP
    Emerson
    2.8.33.1 – 3.3.3
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Memory
CWE
Referencje

Powiązane podatności

CVE-2020-10640CRITICAL10.0ten sam produkt

Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system p...

CVE-2020-10632HIGH8.8ten sam produkt

Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification...

CVE-2020-10636MEDIUM6.5ten sam produkt

Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4 user accounts ...

CVE-2020-16235LOW3.8ten sam produkt

Inadequate encryption may allow the credentials used by Emerson OpenEnterprise, up through version 3.3.5, to a...

CVE-2023-46687CRITICAL9.8PL ✓ten sam vendor

Emerson Rosemount GC370XA/GC700XA/GC1500XA — zdalne RCE jako root bez uwierzytelnienia