CVE-2020-7545

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions EcoStruxure and SmartStruxure Power Monitoring and SCADA Software (affected versions not specified)

Description A CWE-284: Improper Access Control issue exists that could allow for arbitrary code execution on the server when an authorized user accesses an affected webpage.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2020-7545

Affected Products

Ecostruxure

Smartstruxure Power Monitoring

CVE-2020-7545

Weakness Enumeration

Related Identifiers

Affected Products

References · 4