Search criteria
3 vulnerabilities found for tristation_1131_firmware by schneider-electric
FKIE_CVE-2020-7491
Vulnerability from fkie_nvd - Published: 2020-07-23 21:15 - Updated: 2024-11-21 05:37
Severity ?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4.
References
| URL | Tags | ||
|---|---|---|---|
| cybersecurity@se.com | https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 | Third Party Advisory, US Government Resource | |
| cybersecurity@se.com | https://www.se.com/ww/en/download/document/SESB-2020-105-01/ | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 | Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.se.com/ww/en/download/document/SESB-2020-105-01/ | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3183741-92D5-4437-91F6-AF666232204B",
"versionEndExcluding": "10.5.4",
"versionStartIncluding": "10.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4351:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2CA997CF-D574-4D1B-B71F-A0EBB31303DA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3F011D-5096-4EF6-94B7-9D66DC29583F",
"versionEndExcluding": "10.5.4",
"versionStartIncluding": "10.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4352:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1A965FF8-A474-447E-84AE-ED902B47A3A3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F8AB23-9DA4-4430-9FB1-BCC7D8BB88A9",
"versionEndExcluding": "10.5.4",
"versionStartIncluding": "10.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4351a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4D6502-A5D3-44A9-AF07-6717EADB98D0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4351b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F909483-5DEA-4565-96B7-58BC3F0554CE",
"versionEndExcluding": "10.5.4",
"versionStartIncluding": "10.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4351b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4A46632D-151C-43D3-BFA3-72C87304AB8B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352a_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AA8E6F5-7D88-403B-B3A2-FB28C5369DF2",
"versionEndExcluding": "10.5.4",
"versionStartIncluding": "10.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4352a:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D4836B8C-1BEC-4076-928D-CBB403836BF2",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tricon_tcm_4352b_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B069292-3C0B-4CF8-8049-5E45A88FB4CB",
"versionEndExcluding": "10.5.4",
"versionStartIncluding": "10.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tricon_tcm_4352b:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89D4DE85-CC63-415C-9C07-8DE9C762AF3B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:tristation_1131_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EED15135-BC97-44FD-A2FF-3AEFACB79543",
"versionEndIncluding": "4.9.0",
"versionStartIncluding": "1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:schneider-electric:tristation_1131_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "016138FC-307D-48D8-87F9-045A8A22498D",
"versionEndIncluding": "4.12.0",
"versionStartIncluding": "4.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:tristation_1131:-:*:*:*:*:*:*:*",
"matchCriteriaId": "723A226B-0742-4FC7-BF67-C7FA575BC85A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4."
},
{
"lang": "es",
"value": "**VERSION NO SOPORTADA CUANDO SE ASIGN\u00d3** Una cuenta de puerto de depuraci\u00f3n heredada en los TCM instalados en sistema Tricon versiones 10.2.0 hasta 10.5.3, es visible en la red y podr\u00eda permitir un acceso inapropiado. Esta vulnerabilidad es corregida en TCM versi\u00f3n 10.5.4"
}
],
"id": "CVE-2020-7491",
"lastModified": "2024-11-21T05:37:15.040",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-07-23T21:15:12.113",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
},
{
"source": "cybersecurity@se.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-7491 (GCVE-0-2020-7491)
Vulnerability from cvelistv5 – Published: 2020-07-23 20:46 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4.
Severity ?
No CVSS data available.
CWE
- Unauthorized access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tricon system versions 10.2.0 through 10.5.3 |
Affected:
Tricon system versions 10.2.0 through 10.5.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tricon system versions 10.2.0 through 10.5.3",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Tricon system versions 10.2.0 through 10.5.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:39:48",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tricon system versions 10.2.0 through 10.5.3",
"version": {
"version_data": [
{
"version_value": "Tricon system versions 10.2.0 through 10.5.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7491",
"datePublished": "2020-07-23T20:46:44",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7491 (GCVE-0-2020-7491)
Vulnerability from nvd – Published: 2020-07-23 20:46 – Updated: 2024-08-04 09:33
VLAI?
Summary
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4.
Severity ?
No CVSS data available.
CWE
- Unauthorized access
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Tricon system versions 10.2.0 through 10.5.3 |
Affected:
Tricon system versions 10.2.0 through 10.5.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:33:19.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Tricon system versions 10.2.0 through 10.5.3",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Tricon system versions 10.2.0 through 10.5.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unauthorized access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-07-30T19:39:48",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2020-7491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Tricon system versions 10.2.0 through 10.5.3",
"version": {
"version_data": [
{
"version_value": "Tricon system versions 10.2.0 through 10.5.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy debug port account in TCMs installed in Tricon system versions 10.2.0 through 10.5.3 is visible on the network and could allow inappropriate access. This vulnerability was remediated in TCM version 10.5.4."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthorized access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/",
"refsource": "MISC",
"url": "https://www.se.com/ww/en/download/document/SESB-2020-105-01/"
},
{
"name": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01",
"refsource": "MISC",
"url": "https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2020-7491",
"datePublished": "2020-07-23T20:46:44",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-08-04T09:33:19.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}