PT-2020-2067 · Yokogawa · Tristation 1131
Reid Wightman
·
Published
2020-04-14
·
Updated
2021-11-10
·
CVE-2020-7484
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
TriStation 1131 versions prior to v4.9.1
TriStation 1131 versions prior to v4.10.1
Description
The issue is related to errors in resource release in the
password function of the TriStation 1131 security logic analysis software. Exploitation of this issue could allow a remote attacker to cause a denial of service if the user does not follow documented guidelines for dedicated TriStation connection and key-switch protection.Recommendations
For versions prior to v4.9.1, update to version v4.9.1 or later to resolve the issue.
For versions prior to v4.10.1, update to version v4.10.1 or later to resolve the issue.
As a temporary workaround, consider following documented guidelines pertaining to dedicated TriStation connection and key-switch protection to minimize the risk of exploitation.
Fix
Improper Resource Release
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tristation 1131