CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28221

A CWE-20: Improper Input Validation vulnerability exists in EcoStruxure™ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 9.3

References

Products affected by CVE-2020-28221

Schneider-Electric » Ecostruxure Operator Terminal Expert » Version: 3.1

cpe:2.3:a:schneider-electric:ecostruxure_operator_terminal_expert:3.1
Schneider-Electric » Pro-Face Blue » Version: 3.1

cpe:2.3:a:schneider-electric:pro-face_blue:3.1
Schneider-Electric » Gp-4104g » Version: N/A

cpe:2.3:h:schneider-electric:gp-4104g:-
Schneider-Electric » Gp-4104w » Version: N/A

cpe:2.3:h:schneider-electric:gp-4104w:-
Schneider-Electric » Gp-4105g » Version: N/A

cpe:2.3:h:schneider-electric:gp-4105g:-
Schneider-Electric » Gp-4105w » Version: N/A

cpe:2.3:h:schneider-electric:gp-4105w:-
Schneider-Electric » Gp-4106g » Version: N/A

cpe:2.3:h:schneider-electric:gp-4106g:-
Schneider-Electric » Gp-4106w » Version: N/A

cpe:2.3:h:schneider-electric:gp-4106w:-
Schneider-Electric » Gp-4107g » Version: N/A

cpe:2.3:h:schneider-electric:gp-4107g:-
Schneider-Electric » Gp-4107w » Version: N/A

cpe:2.3:h:schneider-electric:gp-4107w:-
Schneider-Electric » Hmi Sto 501 » Version: N/A

cpe:2.3:h:schneider-electric:hmi_sto_501:-
Schneider-Electric » Hmi Sto 511 » Version: N/A

cpe:2.3:h:schneider-electric:hmi_sto_511:-
Schneider-Electric » Hmi Sto 512 » Version: N/A

cpe:2.3:h:schneider-electric:hmi_sto_512:-
Schneider-Electric » Hmi Sto 531 » Version: N/A

cpe:2.3:h:schneider-electric:hmi_sto_531:-
Schneider-Electric » Hmi Sto 532 » Version: N/A

cpe:2.3:h:schneider-electric:hmi_sto_532:-
Schneider-Electric » Hmig3u » Version: N/A

cpe:2.3:h:schneider-electric:hmig3u:-
Schneider-Electric » Hmig3x » Version: N/A

cpe:2.3:h:schneider-electric:hmig3x:-
Schneider-Electric » Hmig5u2 » Version: N/A

cpe:2.3:h:schneider-electric:hmig5u2:-
Schneider-Electric » Hmig5u » Version: N/A

cpe:2.3:h:schneider-electric:hmig5u:-
Schneider-Electric » Hmist6200 » Version: N/A

cpe:2.3:h:schneider-electric:hmist6200:-
Schneider-Electric » Hmist6400 » Version: N/A

cpe:2.3:h:schneider-electric:hmist6400:-
Schneider-Electric » Hmist6500 » Version: N/A

cpe:2.3:h:schneider-electric:hmist6500:-
Schneider-Electric » Hmist6600 » Version: N/A

cpe:2.3:h:schneider-electric:hmist6600:-
Schneider-Electric » Hmist6700 » Version: N/A

cpe:2.3:h:schneider-electric:hmist6700:-
Schneider-Electric » Sp-5400wa » Version: N/A

cpe:2.3:h:schneider-electric:sp-5400wa:-
Schneider-Electric » Sp-5500tp » Version: N/A

cpe:2.3:h:schneider-electric:sp-5500tp:-
Schneider-Electric » Sp-5500wa » Version: N/A

cpe:2.3:h:schneider-electric:sp-5500wa:-
Schneider-Electric » Sp-5600ta » Version: N/A

cpe:2.3:h:schneider-electric:sp-5600ta:-
Schneider-Electric » Sp-5600tp » Version: N/A

cpe:2.3:h:schneider-electric:sp-5600tp:-
Schneider-Electric » Sp-5600wa » Version: N/A

cpe:2.3:h:schneider-electric:sp-5600wa:-
Schneider-Electric » Sp-5660tp » Version: N/A

cpe:2.3:h:schneider-electric:sp-5660tp:-
Schneider-Electric » Sp-5700tp » Version: N/A

cpe:2.3:h:schneider-electric:sp-5700tp:-
Schneider-Electric » Sp-5700wc » Version: N/A

cpe:2.3:h:schneider-electric:sp-5700wc:-
Schneider-Electric » Sp-5800wc » Version: N/A

cpe:2.3:h:schneider-electric:sp-5800wc:-
Schneider-Electric » Sp-5b00 » Version: N/A

cpe:2.3:h:schneider-electric:sp-5b00:-
Schneider-Electric » Sp-5b10 » Version: N/A

cpe:2.3:h:schneider-electric:sp-5b10:-
Schneider-Electric » Sp-5b41 » Version: N/A

cpe:2.3:h:schneider-electric:sp-5b41:-
Schneider-Electric » St-6200wa » Version: N/A

cpe:2.3:h:schneider-electric:st-6200wa:-
Schneider-Electric » St-6400wa » Version: N/A

cpe:2.3:h:schneider-electric:st-6400wa:-
Schneider-Electric » St-6500wa » Version: N/A

cpe:2.3:h:schneider-electric:st-6500wa:-
Schneider-Electric » St-6600wa » Version: N/A

cpe:2.3:h:schneider-electric:st-6600wa:-
Schneider-Electric » St-6700wa » Version: N/A

cpe:2.3:h:schneider-electric:st-6700wa:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-28221

Products

Pricing

Contact Us