Vulnerabilities > CVE-2020-7485 - Unspecified vulnerability in Schneider-Electric Tristation 1131

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

schneider-electric

critical

NVD

Published: 2020-04-16

Updated: 2023-03-01

Summary

**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1

Vulnerable Configurations

Part	Description	Count
Application	Schneider-Electric Schneider Electric Tristation 1131 1.0.0 Schneider Electric Tristation 1131 4.0.0 Schneider Electric Tristation 1131 4.9.0 Schneider Electric Tristation 1131 4.10.0 Schneider Electric Tristation 1131 4.12.0	5
OS	Microsoft Microsoft Windows 7 - Microsoft Windows NT - Microsoft Windows XP -	3

References

https://www.se.com/ww/en/download/document/SESB-2020-105-01
https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01