CVE-2020-7508

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1780%

EPSS Percentile19.21th

PublishedJun 16, 2020

Last ModifiedNov 21, 2024

Vulnerability Description

A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force.

Affected Platforms (CPE)

💻

Schneider Electric

Easergy T300 Firmware

<= 1.5.2

References & Advisories

🔗 https://www.se.com/ww/en/download/document/SEVD-2020-161-04

Related Vulnerabilities

CVE-2020-75619.8

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that co...

CVE-2020-282159.8

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of p...

CVE-2020-75129.8

A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 (Firmware v...

CVE-2020-75038.8

A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could a...