CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10922

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the EA-HTTP.exe process. The issue results from the lack of proper input validation prior to further processing user requests. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-10527.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.068

EPSS Ranking 90.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2020-10922

Automationdirect » Ea9-Pgmsw » Version: N/A

cpe:2.3:h:automationdirect:ea9-pgmsw:-
Automationdirect » Ea9-Rhmi » Version: N/A

cpe:2.3:h:automationdirect:ea9-rhmi:-
Automationdirect » Ea9-T10cl » Version: N/A

cpe:2.3:h:automationdirect:ea9-t10cl:-
Automationdirect » Ea9-T10wcl » Version: N/A

cpe:2.3:h:automationdirect:ea9-t10wcl:-
Automationdirect » Ea9-T12cl » Version: N/A

cpe:2.3:h:automationdirect:ea9-t12cl:-
Automationdirect » Ea9-T15cl-R » Version: N/A

cpe:2.3:h:automationdirect:ea9-t15cl-r:-
Automationdirect » Ea9-T15cl » Version: N/A

cpe:2.3:h:automationdirect:ea9-t15cl:-
Automationdirect » Ea9-T6cl-R » Version: N/A

cpe:2.3:h:automationdirect:ea9-t6cl-r:-
Automationdirect » Ea9-T6cl » Version: N/A

cpe:2.3:h:automationdirect:ea9-t6cl:-
Automationdirect » Ea9-T7cl-R » Version: N/A

cpe:2.3:h:automationdirect:ea9-t7cl-r:-
Automationdirect » Ea9-T7cl » Version: N/A

cpe:2.3:h:automationdirect:ea9-t7cl:-
Automationdirect » Ea9-T8cl » Version: N/A

cpe:2.3:h:automationdirect:ea9-t8cl:-
Automationdirect » C-More Hmi Ea9 Firmware » Version: 6.52

cpe:2.3:o:automationdirect:c-more_hmi_ea9_firmware:6.52

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10922

Products

Pricing

Contact Us