CVE-2020-7485 — Tristation 1131 vulnerability

3 documents3 sources

Severity

9.8CRITICALNVD

EPSS

0.3%

top 47.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider-electric Tristation 1131

Timeline

PublishedApr 16

Latest updateMay 24

Description

**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDschneider-electric/tristation_11311.0.0 — 4.9.0+2

🔴Vulnerability Details

GHSA

GHSA-4m2f-rpgh-x4cm: **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4↗2022-05-24

▶

CVEList

CVE-2020-7485: **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4↗2020-04-15

▶