Vulnerability Details CVE-2020-7590
A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590. In addition, serial numbers < 40000 running software V4.4.0 are also affected by CVE-2020-15797). Affected devices use a hard-coded password to protect the onboard database. This could allow an attacker to read and or modify the onboard database. Successful exploitation requires direct physical access to the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.8%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.6
References
Products affected by CVE-2020-7590
-
cpe:2.3:h:siemens:dca_vantage_analyzer:-
-
cpe:2.3:o:siemens:dca_vantage_analyzer_firmware:*