Vulnerability Details CVE-2020-7499
A CWE-863: Incorrect Authorization vulnerability exists in U.motion Servers and Touch Panels (affected versions listed in the security notification) which could cause unauthorized access when a low privileged user makes unauthorized changes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.1%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2020-7499
-
cpe:2.3:h:schneider-electric:mtn6260-0310:-
-
cpe:2.3:h:schneider-electric:mtn6260-0315:-
-
cpe:2.3:h:schneider-electric:mtn6260-0410:-
-
cpe:2.3:h:schneider-electric:mtn6260-0415:-
-
cpe:2.3:h:schneider-electric:mtn6501-0001:-
-
cpe:2.3:h:schneider-electric:mtn6501-0002:-
-
cpe:2.3:o:schneider-electric:mtn6260-0310_firmware:*
-
cpe:2.3:o:schneider-electric:mtn6260-0315_firmware:*
-
cpe:2.3:o:schneider-electric:mtn6260-0410_firmware:*
-
cpe:2.3:o:schneider-electric:mtn6260-0415_firmware:*
-
cpe:2.3:o:schneider-electric:mtn6501-0001_firmware:*
-
cpe:2.3:o:schneider-electric:mtn6501-0002_firmware:*