CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-6654

A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.4

References

https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf
https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/9000x-software-eaton-vulnerability-advisory.pdf

Products affected by CVE-2020-6654

Eaton » 9000x Programming And Configuration Software » Version: N/A

cpe:2.3:a:eaton:9000x_programming_and_configuration_software:-
Eaton » 9000x Programming And Configuration Software » Version: 2.0.38

cpe:2.3:a:eaton:9000x_programming_and_configuration_software:2.0.38

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-6654

Products

Pricing

Contact Us