CVE-2020-7508

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.1780%

EPSS Percentile19.21th

Published2020年6月16日

Last Modified2024年11月21日

Vulnerability Description

A CWE-307 Improper Restriction of Excessive Authentication Attempts vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to gain full access by brute force.

Affected Platforms (CPE)

💻

Schneider Electric

Easergy T300 Firmware

<= 1.5.2

References & Advisories

🔗 https://www.se.com/ww/en/download/document/SEVD-2020-161-04

関連する脆弱性情報

CVE-2020-75619.8

A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that co...

CVE-2020-282159.8

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of p...

CVE-2020-75129.8

A CWE-1103: Use of Platform-Dependent Third Party Components with vulnerabilities vulnerability exists in Easergy T300 (Firmware v...

CVE-2020-75038.8

A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could a...