Vulnetix
Try Vulnetix Request Demo
CVE-2020-7538 PUBLISHED CVSS 7.5 HIGH

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus.

EPSS 0.46% · 63.7th percentile

Risk Scores

CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
0.46%
63.7th percentile

Affected Products

VendorProductVersions
schneider-electricecostruxure_control_expert
n/aPLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)

Timeline

References

Open in Interactive Console →