CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-6970

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0790%
EPSS Percentile8.38th
Published2020年2月19日
Last Modified2024年11月21日

Vulnerability Description

A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server.

Affected Platforms (CPE)

📦
Emerson

Openenterprise Scada Server

>= 3.1 and <= 3.3.3
📦
Emerson

Openenterprise Scada Server

= 2.8.3

References & Advisories

🔗 https://www.us-cert.gov/ics/advisories/icsa-20-049-02
🔗 https://www.us-cert.gov/ics/advisories/icsa-20-049-02

関連する脆弱性情報

CVE-2020-677010.0

Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute...

CVE-2020-079610.0

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles cer...

CVE-2020-676910.0

Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker ...

CVE-2020-1238810.0

The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this iss...