Vulnerability Description
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. This vulnerability was discovered in and remediated in versions v4.9.1 and v4.10.1 on May 30, 2013. The 'password' feature is an additional optional check performed by TS1131 that it is connected to a specific controller. This data is sent as clear text and is visible on the network. This feature is not present in TriStation 1131 versions v4.9.1 and v4.10.1 through current. Therefore, the vulnerability is not present in these versions.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Tristation 1131 | >= 1.0, <= 4.12.0 |
| Microsoft | Windows 7 | - |
| Microsoft | Windows Nt | - |
| Microsoft | Windows Xp | - |
Related Weaknesses (CWE)
References
- https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01Third Party AdvisoryUS Government Resource
- https://www.se.com/ww/en/download/document/SESB-2020-105-01Vendor Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01Third Party AdvisoryUS Government Resource
- https://www.se.com/ww/en/download/document/SESB-2020-105-01Vendor Advisory
FAQ
What is CVE-2020-7483?
CVE-2020-7483 is a vulnerability with a CVSS score of 7.5 (HIGH). **VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause certain data to be visible on the network when the 'password' feature is enabled. This vulnerability was discovered in and remediate...
How severe is CVE-2020-7483?
CVE-2020-7483 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-7483?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Tristation 1131, Microsoft Windows 7, Microsoft Windows Nt, Microsoft Windows Xp.