CVE-2020-6994
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The following devices using HiOS Version 07.0.02 and lower are affected: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30.
Se detectó una vulnerabilidad de desbordamiento de búfer en algunos dispositivos de Hirschmann Automation and Control HiOS y HiSecOS. La vulnerabilidad es debido al análisis inapropiado de los argumentos de la URL. Un atacante podría explotar esta vulnerabilidad mediante peticiones HTTP especialmente diseñadas para desbordar un búfer interno. Los siguientes dispositivos que usan HiOS Versión 07.0.02 y anteriores están afectados: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. Los siguientes dispositivos que usan HiSecOS Versión 03.2.00 y anteriores están afectados: EAGLE20 / 30.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-14 CVE Reserved
- 2020-04-03 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-12: ASP.NET Misconfiguration: Missing Custom Error Page
- CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-20-091-01 | Mitigation |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Embedded Ethernet Switch Search vendor "Belden" for product "Hirschmann Embedded Ethernet Switch" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Embedded Ethernet Switch Extended Search vendor "Belden" for product "Hirschmann Embedded Ethernet Switch Extended" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Greyhound Swtich Search vendor "Belden" for product "Hirschmann Greyhound Swtich" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Mice Switch Power Search vendor "Belden" for product "Hirschmann Mice Switch Power" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Octopus Search vendor "Belden" for product "Hirschmann Octopus" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Prp Redbox Search vendor "Belden" for product "Hirschmann Prp Redbox" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Rail Switch Power Search vendor "Belden" for product "Hirschmann Rail Switch Power" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Rail Switch Power Enhanced Search vendor "Belden" for product "Hirschmann Rail Switch Power Enhanced" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Rail Switch Power Lite Search vendor "Belden" for product "Hirschmann Rail Switch Power Lite" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hios Search vendor "Belden" for product "Hirschmann Hios" | <= 07.0.02 Search vendor "Belden" for product "Hirschmann Hios" and version " <= 07.0.02" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Rail Switch Power Smart Search vendor "Belden" for product "Hirschmann Rail Switch Power Smart" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hisecos Search vendor "Belden" for product "Hirschmann Hisecos" | <= 03.2.00 Search vendor "Belden" for product "Hirschmann Hisecos" and version " <= 03.2.00" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Eagle20 Search vendor "Belden" for product "Hirschmann Eagle20" | - | - |
Safe
|
| Belden Search vendor "Belden" | Hirschmann Hisecos Search vendor "Belden" for product "Hirschmann Hisecos" | <= 03.2.00 Search vendor "Belden" for product "Hirschmann Hisecos" and version " <= 03.2.00" | - |
Affected
| in | Belden Search vendor "Belden" | Hirschmann Eagle30 Search vendor "Belden" for product "Hirschmann Eagle30" | - | - |
Safe
|