Vulnerability Description
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Tristation 1131 | >= 1.0.0, <= 4.9.0 |
| Microsoft | Windows 7 | - |
| Microsoft | Windows Nt | - |
| Microsoft | Windows Xp | - |
References
- https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01Third Party AdvisoryUS Government Resource
- https://www.se.com/ww/en/download/document/SESB-2020-105-01Vendor Advisory
- https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01Third Party AdvisoryUS Government Resource
- https://www.se.com/ww/en/download/document/SESB-2020-105-01Vendor Advisory
FAQ
What is CVE-2020-7485?
CVE-2020-7485 is a vulnerability with a CVSS score of 9.8 (CRITICAL). **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in...
How severe is CVE-2020-7485?
CVE-2020-7485 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-7485?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Tristation 1131, Microsoft Windows 7, Microsoft Windows Nt, Microsoft Windows Xp.