VDB
CVE-2020-28221
CVE-2020-28221
PUBLISHED
CVSS 9.800000190734863 CRITICAL
De multiples vulnérabilités ont été découvertes dans les produits Schneider Electric. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.
EPSS 0.91% · 76.2th percentile
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.91%
76.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| schneider-electric | ecostruxure_operator_terminal_expert | 3.1, 3.1 |
| schneider-electric | pro-face_blue | 3.1, 3.1 |
| Schneider Electric | N/A | |
| n/a | EcoStruxure™ Operator Terminal Expert 3.1 Service Pack 1A and prior running on Harmony HMIs HMIST6 Series, HMIG3U in HMIGTU Series, HMISTO Series and Pro-face BLUE 3.1 Service Pack 1A and prior running on Pro-face HMIs: ST6000 Series, SP-5B41 in SP5000 Series, GP4100 Series | EcoStruxure™ Operator Terminal Expert 3.1 Service Pack 1A and prior running on Harmony HMIs HMIST6 Series, HMIG3U in HMIGTU Series, HMISTO Series and Pro-face BLUE 3.1 Service Pack 1A and prior running on Pro-face HMIs: ST6000 Series, SP-5B41 in SP5000 Series, GP4100 Series |
Exploit Intelligence
Timeline
- Jan 13, 2021 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://www.se.com/ww/en/download/document/SEVD-2021-012-01/ url
- https://nvd.nist.gov/vuln/detail/CVE-2020-28221 advisory
- https://www.se.com/ww/en/download/document/SEVD-2021-012-01 url
- https://www.se.com/ww/en/download/document/SEVD-2021-012-02/ advisory
- https://www.se.com/ww/en/download/document/SEVD-2021-012-03/ advisory