Vulnerability Details CVE-2020-28220
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.6%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 5.2
References
Products affected by CVE-2020-28220
-
cpe:2.3:a:schneider-electric:somachine:-
-
cpe:2.3:a:schneider-electric:somachine:1.4
-
cpe:2.3:a:schneider-electric:somachine:2.0
-
cpe:2.3:a:schneider-electric:somachine:3.0
-
cpe:2.3:a:schneider-electric:somachine:3.1
-
cpe:2.3:a:schneider-electric:somachine_motion:-
-
cpe:2.3:h:schneider-electric:modicon_m258:-
-
cpe:2.3:o:schneider-electric:modicon_m258_firmware:-