CVE-2020-28220

CVSS 4.7 MEDIUMEPSS 1.0%CWE-119

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 4.7EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

11 dic 2020Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

Productos afectados

n/a · Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.se.com/ww/en/download/document/SEVD-2020-343-09/