ICSA-20-343-03 — Vulnetix

ICSA-20-343-03 PUBLISHED CVSS 10 CRITICAL

Successful exploitation of this vulnerability could allow an attacker to obtain unauthorized access to the internal product LAN, which could result in exposure of sensitive information, denial of service, and remote code execution when access to a resource from an attacker is not restricted or incorrectly restricted.

Risk Scores

CVSS v3.1

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:H/A:H

Affected Products

Vendor	Product	Versions
	Easergy T300 with firmware: Versions 2.7 and prior

Timeline

Dec 8, 2020 CVE Published

References

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-343-03.json advisory
https://www.cisa.gov/news-events/ics-advisories/icsa-20-343-03 advisory
https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B url
https://www.se.com/us/en/work/support/contacts.jsp fix
https://www.se.com/us/en/download/document/7EN52-0390/ fix
https://www.se.com/ww/en/download/document/SEVD-2020-315-06/ fix

Open in Interactive Console →