ID
VAR-202006-1540
CVE
CVE-2020-7509
TITLE
Easergy T300 Vulnerability related to authority management in
Trust: 0.8
sources:
JVNDB: JVNDB-2020-006641
DESCRIPTION
A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files. Easergy T300 Exists in a privilege management vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Schneider Electric Easergy T300 is a remote terminal unit used in the electric power industry from Schneider Electric in France. There is a security vulnerability in Schneider Electric Easergy T300 using firmware version 1.5.2 and earlier
Trust: 2.16
sources:
NVD: CVE-2020-7509 //
JVNDB: JVNDB-2020-006641 //
CNVD: CNVD-2021-21477
IOT TAXONOMY
| category: | ['IoT'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2021-21477
AFFECTED PRODUCTS
| vendor: | schneider electric | model: | easergy t300 | scope: | lte | version: | 1.5.2 | Trust: 1.0 |
| vendor: | schneider electric | model: | easergy t300 | scope: | eq | version: | 1.5.2 | Trust: 0.8 |
| vendor: | schneider | model: | electric easergy t300 | scope: | lte | version: | <=1.5.2 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-21477 //
JVNDB: JVNDB-2020-006641 //
NVD: CVE-2020-7509
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2021-21477 //
JVNDB: JVNDB-2020-006641 //
CNNVD: CNNVD-202006-1105 //
NVD: CVE-2020-7509
PROBLEMTYPE DATA
| problemtype: | CWE-269 | Trust: 1.8 |
sources:
JVNDB: JVNDB-2020-006641 //
NVD: CVE-2020-7509
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202006-1105
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-202006-1105
CONFIGURATIONS
sources:
JVNDB: JVNDB-2020-006641
PATCH
| title: | SEVD-2020-161-04 | url: | https://www.se.com/ww/en/download/document/SEVD-2020-161-04 | Trust: 0.8 |
| title: | Patch for Schneider Electric Easergy T300 has an unspecified vulnerability (CNVD-2021-21477) | url: | https://www.cnvd.org.cn/patchInfo/show/254361 | Trust: 0.6 |
| title: | Schneider Electric Easergy T300 Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=121950 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-21477 //
JVNDB: JVNDB-2020-006641 //
CNNVD: CNNVD-202006-1105
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-7509 | Trust: 3.0 |
| db: | SCHNEIDER | id: | SEVD-2020-161-04 | Trust: 1.6 |
| db: | JVNDB | id: | JVNDB-2020-006641 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2021-21477 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202006-1105 | Trust: 0.6 |
sources:
CNVD: CNVD-2021-21477 //
JVNDB: JVNDB-2020-006641 //
CNNVD: CNNVD-202006-1105 //
NVD: CVE-2020-7509
REFERENCES
| url: | https://www.se.com/ww/en/download/document/sevd-2020-161-04 | Trust: 1.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-7509 | Trust: 1.2 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-7509 | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-7509\ | Trust: 0.8 |
sources:
CNVD: CNVD-2021-21477 //
JVNDB: JVNDB-2020-006641 //
CNNVD: CNNVD-202006-1105 //
NVD: CVE-2020-7509
SOURCES
| db: | CNVD | id: | CNVD-2021-21477 |
| db: | JVNDB | id: | JVNDB-2020-006641 |
| db: | CNNVD | id: | CNNVD-202006-1105 |
| db: | NVD | id: | CVE-2020-7509 |
LAST UPDATE DATE
2024-11-23T21:59:10.815000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2021-21477 | date: | 2021-03-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-006641 | date: | 2020-07-14T00:00:00 |
| db: | CNNVD | id: | CNNVD-202006-1105 | date: | 2020-06-18T00:00:00 |
| db: | NVD | id: | CVE-2020-7509 | date: | 2024-11-21T05:37:16.997 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2021-21477 | date: | 2021-03-23T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-006641 | date: | 2020-07-14T00:00:00 |
| db: | CNNVD | id: | CNNVD-202006-1105 | date: | 2020-06-16T00:00:00 |
| db: | NVD | id: | CVE-2020-7509 | date: | 2020-06-16T20:15:15.613 |