Sign-up

ID

VAR-202010-1622


TITLE

Beijing Sifang Relay Automation Co., Ltd. CyberControl has a command execution vulnerability

Trust: 0.6

sources: CNVD: CNVD-2020-53356

DESCRIPTION

CyberControl is a flexible and customizable automated monitoring software platform that can run on a variety of operating systems. Its application areas include monitoring master stations of large industrial systems to local monitoring systems based on tablet computers. Beijing Sifang Relay Automation Co., Ltd. CyberControl has a command execution vulnerability. Attackers can use vulnerabilities to execute arbitrary commands.

Trust: 0.6

sources: CNVD: CNVD-2020-53356

IOT TAXONOMY

category:['ICS']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-53356

AFFECTED PRODUCTS

vendor:sifang relay automationmodel:cybercontrolscope:lteversion:<=5.*

Trust: 0.6

sources: CNVD: CNVD-2020-53356

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2020-53356
value: HIGH

Trust: 0.6

CNVD: CNVD-2020-53356
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2020-53356

EXTERNAL IDS

db:CNVDid:CNVD-2020-53356

Trust: 0.6

sources: CNVD: CNVD-2020-53356

SOURCES

db:CNVDid:CNVD-2020-53356

LAST UPDATE DATE

2022-05-04T08:33:51.827000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2020-53356date:2020-09-23T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2020-53356date:2020-10-01T00:00:00