PT-2019-5402 · Schneider Electric · Easergy Builder

Publicado

2019-08-21

·

Atualizado

2020-07-27

·

CVE-2020-7518

CVSS v2.0

8.5

Alta

VetorAV:N/AC:L/Au:N/C:N/I:P/A:C
Name of the Vulnerable Software and Affected Versions Easergy Builder versions 1.4.7.2 and older
Description The issue is related to improper input validation in the Easergy Builder software, which could allow a remote attacker to modify project configuration files.
Recommendations For Easergy Builder versions 1.4.7.2 and older, update to a version newer than 1.4.7.2 to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

BDU:2020-02735
CVE-2020-7518

Produtos afetados

Easergy Builder