PT-2020-2066 · Yokogawa · Tristation
Published
2020-04-14
·
Updated
2023-03-01
·
CVE-2020-7485
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TriStation versions prior to 4.9.1
TriStation versions prior to 4.10.1
Description
A legacy support account in the TriStation software could cause improper access to the TriStation host machine. The issue is related to the presence of a predefined account. Exploitation of this issue may allow a remote attacker to gain unauthorized access to the TriStation host machine.
Recommendations
For TriStation versions prior to 4.9.1, update to version 4.9.1 or later to resolve the issue.
For TriStation versions prior to 4.10.1, update to version 4.10.1 or later to resolve the issue.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tristation