CVE-2020-18756

Published: Aug 13, 2021Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An arbitrary memory access vulnerability in the EPA protocol of Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to read the contents of any variable area.

Affected (1)

Products: Dcce: Mac1100 Plc Firmware

Dcce

1 product

Mac1100 Plc Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Dcce Mac1100 Plc Firmware	All versions

Running on/with	Platform Versions
Dcce Mac1100 Plc	All versions

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (2)

https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_read.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_read.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.