Vulnerabilities > CVE-2020-7563 - Out-of-bounds Write vulnerability in Schneider-Electric products

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
schneider-electric
CWE-787

Summary

A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.

Vulnerable Configurations

Part Description Count
OS
Schneider-Electric
20
Hardware
Schneider-Electric
20

Common Weakness Enumeration (CWE)