CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7495 – Schneider Electric EcoStructure Operator Terminal Expert ZIP Path Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-7495
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause unauthorized write access outside of expected path folder when opening the project file. Una CWE-22: Se presenta una vulnerabilidad de Limitación Inapropiada de un Nombre de Ruta en un Directorio Restringido ("Path Traversal") durante la extracción de un archivo zip se presenta en EcoStruxure Operator Terminal Expert versiones 3.1 Service Pack 1 y anteriores (anteriormente conocido como Vijeo XD) que podría causar un acceso de escritura no autorizado fuera de la carpeta de ruta esperada cuando se abre el archivo del proyecto The vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStructure Operator Terminal Expert. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with the handling of ZIP files. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.se.com/ww/en/download/document/SEVD-2020-133-04 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-7493 – Schneider Electric EcoStruxure Operator Terminal Expert VXDZ File Parsing Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-7493
A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as Vijeo XD) which could cause malicious code execution when opening the project file. Una CWE-89: Una vulnerabilidad de Neutralización Inapropiada de Elementos Especiales utilizados en un Comando SQL ("SQL Injection) en EcoStruxure Operator Terminal Expert versiones 3.1 Service Pack 1 y anteriores (anteriormente conocido como Vijeo XD) que podría causar una ejecución de código malicioso cuando se abre el archivo del proyecto The vulnerablity allows remote attackers to execute arbitrary code on affected installations of Schneider Electric EcoStruxure Operator Terminal Expert. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of VXDZ files. When parsing the parameters to load_extension the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://www.se.com/ww/en/download/document/SEVD-2020-133-04 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2020-10626 – Schneider Electric EcoStruxure IT Gateway Improper Access Control Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-10626
In Fazecast jSerialComm, Version 2.2.2 and prior, an uncontrolled search path element vulnerability could allow a malicious DLL file with the same name of any resident DLLs inside the software installation to execute arbitrary code. En Fazecast jSerialComm, Versión 2.2.2 y anteriores, una vulnerabilidad de elemento de ruta de búsqueda no controlada podría permitir que un archivo DLL malicioso, con el mismo nombre de cualquiera de las DLL residentes dentro de la instalación del software, ejecute código arbitrario. This vulnerability allows local attackers to escalate privileges on affected installations of Schneider Electric EcoStruxure IT Gateway. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of files within the Temp directory. The issue results from an incorrect assignment of privilege to a critical resource. • https://www.us-cert.gov/ics/advisories/ICSA2012601 • CWE-427: Uncontrolled Search Path Element •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2020-7488
https://notcve.org/view.php?id=CVE-2020-7488
A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. CWE-319: Hay una vulnerabilidad de Transmisión de Información Confidencial en Texto Sin Cifrar que podría filtrar información confidencial transmitida entre el software y los controladores Modicon M218, M241, M251 y M258. • https://www.se.com/ww/en/download/document/SEVD-2020-105-02 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-7487
https://notcve.org/view.php?id=CVE-2020-7487
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers. CWE-345: Existe una vulnerabilidad de Verificación Insuficiente de la Autenticidad de Datos, lo que podría permitir al atacante ejecutar código malicioso en los controladores Modicon M218, M241, M251 y M258. • https://www.se.com/ww/en/download/document/SEVD-2020-105-02 • CWE-345: Insufficient Verification of Data Authenticity •