CVE-2020-7560

High

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of…

schneider·CWE-123·Published 2020-12-11

CVSS

8.6

EPSS

0.01

KEV

Exploits

cve.orgen

320 chars

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control Expert software.

NVDen

320 chars

NVDes

369 chars

Una CWE-123: Se presenta una vulnerabilidad de Condición Write-what-where en EcoStruxure™ Control Expert (todas las versiones) y Unity Pro (nombre anterior de EcoStruxure™ Control Expert) (todas las versiones), que podría causar un bloqueo del software o una ejecución de código inesperada cuando se abre un archivo malicioso en el software EcoStruxure™ Control Expert

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	8.6	1.8	6.0	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H