ID
VAR-202006-1533
CVE
CVE-2020-7502
TITLE
Modicon M218 Logic Controller Out-of-bounds write vulnerability in
Trust: 0.8
sources:
JVNDB: JVNDB-2020-006944
DESCRIPTION
A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller. Modicon M218 Logic Controller Is vulnerable to out-of-bounds writes.Service operation interruption (DoS) It may be put into a state. Schneider Electric Modicon M218 Logic Controller is a programmable logic controller of French Schneider Electric (Schneider Electric) company
Trust: 2.25
sources:
NVD: CVE-2020-7502 //
JVNDB: JVNDB-2020-006944 //
CNVD: CNVD-2021-25689 //
VULMON: CVE-2020-7502
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2021-25689
AFFECTED PRODUCTS
| vendor: | schneider electric | model: | modicon m218 | scope: | lte | version: | 4.3 | Trust: 1.0 |
| vendor: | schneider electric | model: | modicon m218 | scope: | eq | version: | 4.3 | Trust: 0.8 |
| vendor: | schneider | model: | electric modicon m218 | scope: | lte | version: | <=4.3 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-25689 //
JVNDB: JVNDB-2020-006944 //
NVD: CVE-2020-7502
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2021-25689 //
VULMON: CVE-2020-7502 //
JVNDB: JVNDB-2020-006944 //
CNNVD: CNNVD-202006-1087 //
NVD: CVE-2020-7502
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.8 |
sources:
JVNDB: JVNDB-2020-006944 //
NVD: CVE-2020-7502
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202006-1087
TYPE
buffer error
Trust: 0.6
sources:
CNNVD: CNNVD-202006-1087
CONFIGURATIONS
sources:
JVNDB: JVNDB-2020-006944
PATCH
| title: | SEVD-2020-161-01 | url: | https://www.se.com/ww/en/download/document/SEVD-2020-161-01/ | Trust: 0.8 |
| title: | Patch for Schneider Electric Modicon M218 Logic Controller buffer overflow vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/256391 | Trust: 0.6 |
| title: | Schneider Electric Modicon M218 Logic Controller Buffer error vulnerability fix | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=122530 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-25689 //
JVNDB: JVNDB-2020-006944 //
CNNVD: CNNVD-202006-1087
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-7502 | Trust: 3.1 |
| db: | SCHNEIDER | id: | SEVD-2020-161-01 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2020-006944 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2021-25689 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202006-1087 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2020-7502 | Trust: 0.1 |
sources:
CNVD: CNVD-2021-25689 //
VULMON: CVE-2020-7502 //
JVNDB: JVNDB-2020-006944 //
CNNVD: CNNVD-202006-1087 //
NVD: CVE-2020-7502
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-7502 | Trust: 2.0 |
| url: | https://www.se.com/ww/en/download/document/sevd-2020-161-01 | Trust: 1.7 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7502 | Trust: 0.8 |
| url: | https://cwe.mitre.org/data/definitions/787.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
CNVD: CNVD-2021-25689 //
VULMON: CVE-2020-7502 //
JVNDB: JVNDB-2020-006944 //
CNNVD: CNNVD-202006-1087 //
NVD: CVE-2020-7502
SOURCES
| db: | CNVD | id: | CNVD-2021-25689 |
| db: | VULMON | id: | CVE-2020-7502 |
| db: | JVNDB | id: | JVNDB-2020-006944 |
| db: | CNNVD | id: | CNNVD-202006-1087 |
| db: | NVD | id: | CVE-2020-7502 |
LAST UPDATE DATE
2024-11-23T23:11:24.234000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2021-25689 | date: | 2021-04-08T00:00:00 |
| db: | VULMON | id: | CVE-2020-7502 | date: | 2022-01-31T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-006944 | date: | 2020-07-22T00:00:00 |
| db: | CNNVD | id: | CNNVD-202006-1087 | date: | 2022-03-10T00:00:00 |
| db: | NVD | id: | CVE-2020-7502 | date: | 2024-11-21T05:37:16.223 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2021-25689 | date: | 2021-04-08T00:00:00 |
| db: | VULMON | id: | CVE-2020-7502 | date: | 2020-06-16T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-006944 | date: | 2020-07-22T00:00:00 |
| db: | CNNVD | id: | CNNVD-202006-1087 | date: | 2020-06-16T00:00:00 |
| db: | NVD | id: | CVE-2020-7502 | date: | 2020-06-16T20:15:15.050 |