CVE-2020-7484

Published: Apr 16, 2020Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability with the former 'password' feature could allow a denial of service attack if the user is not following documented guidelines pertaining to dedicated TriStation connection and key-switch protection. This vulnerability was discovered and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. This feature is not present in version v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions.

Affected (1)

Products: Schneider Electric: Tristation 1131

Schneider Electric

1 product

Tristation 1131

Configuration A

1 vulnerable · 3 platform

Vulnerable Software	Affected Versions
Schneider Electric Tristation 1131	From 1.0 to 4.13.0

Running on/with	Platform Versions
Microsoft Windows 7	All versions
Microsoft Windows Nt	All versions
Microsoft Windows Xp	All versions

References (4)

https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01

Source: cybersecurity@se.com

Third Party AdvisoryUS Government Resource

https://www.se.com/ww/en/download/document/SESB-2020-105-01

Source: cybersecurity@se.com

Vendor Advisory

https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

https://www.se.com/ww/en/download/document/SESB-2020-105-01

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.