CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2020-7491
https://notcve.org/view.php?id=CVE-2020-7491
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4. **VERSION NO SOPORTADA CUANDO SE ASIGNÓ** Una cuenta de puerto de depuración heredada en los TCM instalados en sistema Tricon versiones 10.2.0 hasta 10.5.3, es visible en la red y podría permitir un acceso inapropiado. Esta vulnerabilidad es corregida en TCM versión 10.5.4 • https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 https://www.se.com/ww/en/download/document/SESB-2020-105-01 •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2020-7485
https://notcve.org/view.php?id=CVE-2020-7485
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1 **VERSIÓN NO COMPATIBLE CUANDO SE ASIGNÓ** Una cuenta de soporte heredada en la versión v4.9.0 y anteriores del software TriStation podría causar un acceso inapropiado a la máquina host de TriStation. Esto fue abordado en TriStation versiones v4.9.1 y v4.10.1 publicadas en May 30, 2013.1 • https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 https://www.se.com/ww/en/download/document/SESB-2020-105-01 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-7484
https://notcve.org/view.php?id=CVE-2020-7484
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former 'password' feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions. **VERSIÓN NO COMPATIBLE CUANDO SE ASIGNÓ** Una vulnerabilidad con la antigua funcionalidad "password" podría permitir un ataque de denegación de servicio si el usuario no sigue las directrices documentadas relativas a la conexión de TriStation dedicada y a la protección key-switch. • https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 https://www.se.com/ww/en/download/document/SESB-2020-105-01 •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-7483
https://notcve.org/view.php?id=CVE-2020-7483
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The 'password' feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. • https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 https://www.se.com/ww/en/download/document/SESB-2020-105-01 • CWE-319: Cleartext Transmission of Sensitive Information •