var-202003-1441
Vulnerability from variot

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (all versions prior to V3.10), which, if exploited, could allow attackers to transfer malicious code to the controller. plural Schneider Electric The product contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Schneider Electric Modicon M580, etc. are all products of Schneider Electric in France. Schneider Electric Modicon M580 is a programmable automation controller. Schneider Electric Modicon M340 is a mid-range PLC (programmable logic controller) for industrial processes and infrastructure. Schneider Electric EcoStruxure Control Expert (formerly known as Unity Pro) is a set of programming software for Schneider Electric logic controller products.

Many Schneider Electric products have injection vulnerabilities that attackers can use to send malicious code to the controller. The following products and versions are affected: EcoStruxure Control Expert 14.1 Hot Fix previous version; Unity Pro (full version); Modicon M340 V3.20 previous version; Modicon M580 V3.10 previous version

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1441",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "modicon m580",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "3.10"
      },
      {
        "model": "modicon m340",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "3.20"
      },
      {
        "model": "unity pro",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "*"
      },
      {
        "model": "ecostruxure control expert",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "schneider electric",
        "version": "14.0"
      },
      {
        "model": "ecostruxure control expert",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "14.1 hot fix"
      },
      {
        "model": "modicon m340",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "3.20"
      },
      {
        "model": "modicon m580",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "schneider electric",
        "version": "3.10"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "ecostruxure control expert",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "unity pro",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "modicon m340",
        "version": "*"
      },
      {
        "model": null,
        "scope": "eq",
        "trust": 0.6,
        "vendor": "modicon m580",
        "version": "*"
      },
      {
        "model": "electric unity pro",
        "scope": null,
        "trust": 0.6,
        "vendor": "schneider",
        "version": null
      },
      {
        "model": "electric ecostruxure control expert hot fix",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "14.1"
      },
      {
        "model": "electric modicon m340",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "3.20"
      },
      {
        "model": "electric modicon m580",
        "scope": "lt",
        "trust": 0.6,
        "vendor": "schneider",
        "version": "3.10"
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "14.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:schneider-electric:unity_pro:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.20",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m340:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:schneider-electric:modicon_m580_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "3.10",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m580:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      }
    ]
  },
  "cve": "CVE-2020-7475",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-003406",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2020-23198",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "17a37300-5783-4a41-8124-fdbd46329f3c",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "IVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.2,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.9 [IVD]"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-185600",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "JVNDB-2020-003406",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2020-7475",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "JVNDB-2020-003406",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-23198",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202003-1330",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "IVD",
            "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "17a37300-5783-4a41-8124-fdbd46329f3c",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "IVD",
            "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31",
            "trust": 0.2,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-185600",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185600"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (all versions prior to V3.10), which, if exploited, could allow attackers to transfer malicious code to the controller. plural Schneider Electric The product contains an injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Schneider Electric Modicon M580, etc. are all products of Schneider Electric in France. Schneider Electric Modicon M580 is a programmable automation controller. Schneider Electric Modicon M340 is a mid-range PLC (programmable logic controller) for industrial processes and infrastructure. Schneider Electric EcoStruxure Control Expert (formerly known as Unity Pro) is a set of programming software for Schneider Electric logic controller products. \n\r\n\r\nMany Schneider Electric products have injection vulnerabilities that attackers can use to send malicious code to the controller. The following products and versions are affected: EcoStruxure Control Expert 14.1 Hot Fix previous version; Unity Pro (full version); Modicon M340 V3.20 previous version; Modicon M580 V3.10 previous version",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185600"
      }
    ],
    "trust": 2.79
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-7475",
        "trust": 3.7
      },
      {
        "db": "SCHNEIDER",
        "id": "SEVD-2020-080-01",
        "trust": 1.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198",
        "trust": 1.3
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330",
        "trust": 1.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406",
        "trust": 0.8
      },
      {
        "db": "NSFOCUS",
        "id": "46623",
        "trust": 0.6
      },
      {
        "db": "IVD",
        "id": "35A9C5F0-4FF6-4832-9BFF-DD010F8FF4A6",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "17A37300-5783-4A41-8124-FDBD46329F3C",
        "trust": 0.2
      },
      {
        "db": "IVD",
        "id": "C6A4A266-58FD-48FF-B1ED-97CD3F6F2B31",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-185600",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185600"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ]
  },
  "id": "VAR-202003-1441",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185600"
      }
    ],
    "trust": 2.1185145
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "ICS"
        ],
        "sub_category": null,
        "trust": 0.6
      },
      {
        "category": [
          "ICS",
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:23:20.099000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SEVD-2020-080-01",
        "trust": 0.8,
        "url": "https://www.se.com/ww/en/download/document/sevd-2020-080-01/"
      },
      {
        "title": "Patch for Multiple Schneider Electric product injection vulnerabilities",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/214305"
      },
      {
        "title": "Multiple Schneider Electric Fixing measures for product injection vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112775"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-74",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-185600"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-7475"
      },
      {
        "trust": 1.7,
        "url": "http://www.se.com/ww/en/download/document/sevd-2020-080-01"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7475"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/46623"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185600"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "db": "VULHUB",
        "id": "VHN-185600"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-7475"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-03-23T00:00:00",
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "date": "2020-03-23T00:00:00",
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "date": "2020-03-23T00:00:00",
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "date": "2020-04-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "date": "2020-03-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185600"
      },
      {
        "date": "2020-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "date": "2020-03-23T19:15:12.413000",
        "db": "NVD",
        "id": "CVE-2020-7475"
      },
      {
        "date": "2020-03-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-04-17T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-23198"
      },
      {
        "date": "2022-02-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-185600"
      },
      {
        "date": "2020-04-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      },
      {
        "date": "2022-02-03T16:10:44.177000",
        "db": "NVD",
        "id": "CVE-2020-7475"
      },
      {
        "date": "2022-03-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "plural  Schneider Electric Product injection vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-003406"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "injection",
    "sources": [
      {
        "db": "IVD",
        "id": "35a9c5f0-4ff6-4832-9bff-dd010f8ff4a6"
      },
      {
        "db": "IVD",
        "id": "17a37300-5783-4a41-8124-fdbd46329f3c"
      },
      {
        "db": "IVD",
        "id": "c6a4a266-58fd-48ff-b1ed-97cd3f6f2b31"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202003-1330"
      }
    ],
    "trust": 1.2
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.