CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10055

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.027

EPSS Ranking 85.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 9.3

References

Products affected by CVE-2020-10055

Siemens » Desigo Consumption Control » Version: 3.0

cpe:2.3:a:siemens:desigo_consumption_control:3.0
Siemens » Desigo Consumption Control » Version: 4.0

cpe:2.3:a:siemens:desigo_consumption_control:4.0
Siemens » Desigo Consumption Control Compact » Version: 3.0

cpe:2.3:a:siemens:desigo_consumption_control_compact:3.0
Siemens » Desigo Consumption Control Compact » Version: 4.0

cpe:2.3:a:siemens:desigo_consumption_control_compact:4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10055

Products

Pricing

Contact Us