CVE-2020-7523 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.8 HIGH	LOCAL	HIGH	LOW	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 13%

Affected Products (NVD)

Vendor	Product	Version
schneider-electric	modbus_driver_suite	𝑥 < 14.15.0.0
schneider-electric	modbus_serial_driver	𝑥 < 2.20_ie_30
schneider-electric	modbus_serial_driver	𝑥 < 3.20_ie_30

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-269 - Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References

https://www.se.com/ww/en/download/document/SEVD-2020-224-01/

https://www.se.com/ww/en/download/document/SEVD-2020-224-01/