← voltar
CVE-2020-10611

CVE-2020-10611

EPSS 5.2%CWE-843
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 5.2%KEV nãoPoC Patch
Ciclo de vida
15 abr 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied data, which can result in a type confusion condition. Authentication is not required to exploit this vulnerability. Only applicable to installations using DNP3 Data Sets.
Produtos afetados
n/a · Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.us-cert.gov/ics/advisories/icsa-20-105-03https://www.zerodayinitiative.com/advisories/ZDI-20-549/