← back
CVE-2020-10611

CVE-2020-10611

EPSS 5.2%CWE-843
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 5.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
15 Apr 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.
Affected products
n/a · Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.us-cert.gov/ics/advisories/icsa-20-105-03https://www.zerodayinitiative.com/advisories/ZDI-20-549/