CVE-2020-7533
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and ModiconPremium Legacy offers and their Communication Modules (see security notification for version information) which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests.
Una CWE-255: Se presenta una vulnerabilidad Administración de Credenciales en el Servidor Web en Modicon M340, Modicon Quantum y ofertas ModiconPremium Legacy y sus Módulos de Comunicación (véase la notificación de seguridad para la información de la versión) que podría causar una ejecución de comandos en el servidor web sin autenticación cuando se envía peticiones HTTP diseñadas
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-01-21 CVE Reserved
- 2020-12-01 CVE Published
- 2024-04-05 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-255: Credentials Management Errors
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.se.com/ww/en/download/document/SEVD-2020-287-01 | 2024-04-10 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp3420302 Firmware Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420302 Firmware" | < 3.20 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420302 Firmware" and version " < 3.20" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp3420302 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420302" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp342000 Firmware Search vendor "Schneider-electric" for product "Modicon M340 Bmxp342000 Firmware" | < 3.20 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp342000 Firmware" and version " < 3.20" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp342000 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp342000" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp341000 Firmware Search vendor "Schneider-electric" for product "Modicon M340 Bmxp341000 Firmware" | < 3.20 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp341000 Firmware" and version " < 3.20" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp341000 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp341000" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp3420102 Firmware Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420102 Firmware" | < 3.20 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420102 Firmware" and version " < 3.20" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp3420102 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420102" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp3420302 Firmware Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420302 Firmware" | < 3.20 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420302 Firmware" and version " < 3.20" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Modicon M340 Bmxp3420302 Search vendor "Schneider-electric" for product "Modicon M340 Bmxp3420302" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Bmxnoe0100 Firmware Search vendor "Schneider-electric" for product "Bmxnoe0100 Firmware" | < 3.3 Search vendor "Schneider-electric" for product "Bmxnoe0100 Firmware" and version " < 3.3" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Bmxnoe0100 Search vendor "Schneider-electric" for product "Bmxnoe0100" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Bmxnoe0110 Firmware Search vendor "Schneider-electric" for product "Bmxnoe0110 Firmware" | < 6.5 Search vendor "Schneider-electric" for product "Bmxnoe0110 Firmware" and version " < 6.5" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Bmxnoe0110 Search vendor "Schneider-electric" for product "Bmxnoe0110" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Bmxnoc0401 Firmware Search vendor "Schneider-electric" for product "Bmxnoc0401 Firmware" | < 2.10 Search vendor "Schneider-electric" for product "Bmxnoc0401 Firmware" and version " < 2.10" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Bmxnoc0401 Search vendor "Schneider-electric" for product "Bmxnoc0401" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Tsxp574634 Firmware Search vendor "Schneider-electric" for product "Tsxp574634 Firmware" | < 6.1 Search vendor "Schneider-electric" for product "Tsxp574634 Firmware" and version " < 6.1" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Tsxp574634 Search vendor "Schneider-electric" for product "Tsxp574634" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Tsxp575634 Firmware Search vendor "Schneider-electric" for product "Tsxp575634 Firmware" | < 6.1 Search vendor "Schneider-electric" for product "Tsxp575634 Firmware" and version " < 6.1" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Tsxp575634 Search vendor "Schneider-electric" for product "Tsxp575634" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Tsxp576634 Firmware Search vendor "Schneider-electric" for product "Tsxp576634 Firmware" | < 6.1 Search vendor "Schneider-electric" for product "Tsxp576634 Firmware" and version " < 6.1" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Tsxp576634 Search vendor "Schneider-electric" for product "Tsxp576634" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Tsxety4103 Firmware Search vendor "Schneider-electric" for product "Tsxety4103 Firmware" | < 6.2 Search vendor "Schneider-electric" for product "Tsxety4103 Firmware" and version " < 6.2" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Tsxety4103 Search vendor "Schneider-electric" for product "Tsxety4103" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | Tsxety5103 Firmware Search vendor "Schneider-electric" for product "Tsxety5103 Firmware" | < 6.4 Search vendor "Schneider-electric" for product "Tsxety5103 Firmware" and version " < 6.4" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | Tsxety5103 Search vendor "Schneider-electric" for product "Tsxety5103" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140noe77111 Firmware Search vendor "Schneider-electric" for product "140noe77111 Firmware" | < 7.1 Search vendor "Schneider-electric" for product "140noe77111 Firmware" and version " < 7.1" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140noe77111 Search vendor "Schneider-electric" for product "140noe77111" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140noc78000 Firmware Search vendor "Schneider-electric" for product "140noc78000 Firmware" | < 1.74 Search vendor "Schneider-electric" for product "140noc78000 Firmware" and version " < 1.74" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140noc78000 Search vendor "Schneider-electric" for product "140noc78000" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140noc77101 Firmware Search vendor "Schneider-electric" for product "140noc77101 Firmware" | < 1.08 Search vendor "Schneider-electric" for product "140noc77101 Firmware" and version " < 1.08" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140noc77101 Search vendor "Schneider-electric" for product "140noc77101" | - | - |
Safe
|
| Schneider-electric Search vendor "Schneider-electric" | 140cpu65260 Firmware Search vendor "Schneider-electric" for product "140cpu65260 Firmware" | < 6.1 Search vendor "Schneider-electric" for product "140cpu65260 Firmware" and version " < 6.1" | - |
Affected
| in | Schneider-electric Search vendor "Schneider-electric" | 140cpu65260 Search vendor "Schneider-electric" for product "140cpu65260" | - | - |
Safe
|