CyberSec.Space Logo
Back to CVE Browser

CVE-2020-6970

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0790%
EPSS Percentile8.38th
PublishedFeb 19, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server.

Affected Platforms (CPE)

📦
Emerson

Openenterprise Scada Server

>= 3.1 and <= 3.3.3
📦
Emerson

Openenterprise Scada Server

= 2.8.3

References & Advisories

🔗 https://www.us-cert.gov/ics/advisories/icsa-20-049-02
🔗 https://www.us-cert.gov/ics/advisories/icsa-20-049-02

Related Vulnerabilities

CVE-2020-2521310.0

The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP cod...

CVE-2020-1516410.0

in Scratch Login (MediaWiki extension) before version 1.1, any account can be logged into by using the same username with leading,...

CVE-2020-1450010.0

Secomea GateManager all versions prior to 9.2c, An attacker can send a negative value and overwrite arbitrary data.

CVE-2020-696210.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...