← back
CVE-2020-10613

CVE-2020-10613

EPSS 2.5%CWE-125
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 2.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
15 Apr 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.
Affected products
n/a · Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.us-cert.gov/ics/advisories/icsa-20-105-03https://www.zerodayinitiative.com/advisories/ZDI-20-548/