← Volver a CVEs
CVE-2020-7568
MEDIUM4.3
Descripcion
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non sensitive information disclosure when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller.
Detalles CVE
Puntuacion CVSS v3.14.3
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vector de ataqueADJACENT_NETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado11/19/2020
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
schneider-electric:modicon_m221schneider-electric:modicon_m221_firmware
Debilidades (CWE)
CWE-200
Referencias
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-04(cybersecurity@se.com)
https://www.se.com/ww/en/download/document/SEVD-2020-315-05/(cybersecurity@se.com)
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-04(af854a3a-2127-422b-91ae-364da2661108)
https://www.se.com/ww/en/download/document/SEVD-2020-315-05/(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.