PT-2020-19639 · Siemens · Dca Vantage Analyzer+1

Published

2020-10-13

Updated

2020-10-29

CVE-2020-7590

CVSS v3.1

6.8

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-259

Related Identifiers

CVE-2020-7590

Affected Products

Dca Vantage Analyzer

Dca Vantage Analyzer Firmware

PT-2020-19639 · Siemens · Dca Vantage Analyzer+1

CVE-2020-7590

Weakness Enumeration

Related Identifiers

Affected Products

References · 3