← Back

CVE-2020-7491

nvd nist
Published: Jul 23, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4.

Affected (8)

Schneider Electric
7 products
Tricon Tcm 4351 Firmware
Tricon Tcm 4352 Firmware
Tricon Tcm 4351a Firmware
Tricon Tcm 4351b Firmware
Tricon Tcm 4352a Firmware
Tricon Tcm 4352b Firmware
Tristation 1131 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tricon Tcm 4351 Firmware
From 10.2.0 to 10.5.4
Running on/withPlatform Versions
Schneider Electric
Tricon Tcm 4351
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tricon Tcm 4352 Firmware
From 10.2.0 to 10.5.4
Running on/withPlatform Versions
Schneider Electric
Tricon Tcm 4352
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tricon Tcm 4351a Firmware
From 10.2.0 to 10.5.4
Running on/withPlatform Versions
Schneider Electric
Tricon Tcm 4351a
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tricon Tcm 4351b Firmware
From 10.2.0 to 10.5.4
Running on/withPlatform Versions
Schneider Electric
Tricon Tcm 4351b
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tricon Tcm 4352a Firmware
From 10.2.0 to 10.5.4
Running on/withPlatform Versions
Schneider Electric
Tricon Tcm 4352a
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tricon Tcm 4352b Firmware
From 10.2.0 to 10.5.4
Running on/withPlatform Versions
Schneider Electric
Tricon Tcm 4352b
All versions
Configuration G
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tristation 1131 Firmware
From 1.0.0 to 4.9.0
Tristation 1131 Firmware
From 4.10.0 to 4.12.0
Running on/withPlatform Versions
Schneider Electric
Tristation 1131
All versions

References (4)

Source: cybersecurity@se.com
Third Party AdvisoryUS Government Resource
Source: cybersecurity@se.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.