CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7559

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.3%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

Products affected by CVE-2020-7559

Schneider-Electric » Ecostruxure Control Expert » Version: N/A

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:-
Schneider-Electric » Ecostruxure Control Expert » Version: 14.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.0
Schneider-Electric » Ecostruxure Control Expert » Version: 14.1

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.1
Schneider-Electric » Ecostruxure Control Expert » Version: 15.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.0
Schneider-Electric » Ecostruxure Control Expert » Version: 15.1

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.1
Schneider-Electric » Ecostruxure Control Expert » Version: 15.2

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.2
Schneider-Electric » Ecostruxure Control Expert » Version: 15.3

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.3
Schneider-Electric » Ecostruxure Control Expert » Version: 16.0

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:16.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7559

Products

Pricing

Contact Us