CVE-2020-7501

Published: Jun 16, 2020Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project or firmware into Vijeo Designer Basic and Vijeo Designer.

Affected (6)

Products: Schneider Electric: Vijeo Designer

Schneider Electric

1 product

Vijeo Designer

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Schneider Electric Vijeo Designer	Up to 6.2
Schneider Electric Vijeo Designer	Up to 1.0
Schneider Electric Vijeo Designer	Version 1.1
Schneider Electric Vijeo Designer	Version 1.1 hotfix_15
Schneider Electric Vijeo Designer	Version 6.9
Schneider Electric Vijeo Designer	Version 6.9 sp9

Related CWEs

CWE-798

Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

References (2)

https://www.se.com/ww/en/download/document/SEVD-2020-133-02/

Source: cybersecurity@se.com

Vendor Advisory

https://www.se.com/ww/en/download/document/SEVD-2020-133-02/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.