CVE-2020-7491
23.07.2020, 21:15
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4.Enginsight
| Vendor | Product | Version |
|---|---|---|
| schneider-electric | tricon_tcm_4351_firmware | 10.2.0 ≤ 𝑥 < 10.5.4 |
| schneider-electric | tricon_tcm_4352_firmware | 10.2.0 ≤ 𝑥 < 10.5.4 |
| schneider-electric | tricon_tcm_4351a_firmware | 10.2.0 ≤ 𝑥 < 10.5.4 |
| schneider-electric | tricon_tcm_4351b_firmware | 10.2.0 ≤ 𝑥 < 10.5.4 |
| schneider-electric | tricon_tcm_4352a_firmware | 10.2.0 ≤ 𝑥 < 10.5.4 |
| schneider-electric | tricon_tcm_4352b_firmware | 10.2.0 ≤ 𝑥 < 10.5.4 |
| schneider-electric | tristation_1131_firmware | 1.0.0 ≤ 𝑥 ≤ 4.9.0 |
| schneider-electric | tristation_1131_firmware | 4.10.0 ≤ 𝑥 ≤ 4.12.0 |
𝑥
= Vulnerable software versions