Vulnerability Description
A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Easergy T300 Firmware | <= 1.5.2 |
| Schneider-Electric | Easergy T300 | - |
Related Weaknesses (CWE)
References
- https://www.se.com/ww/en/download/document/SEVD-2020-161-04Vendor Advisory
- https://www.se.com/ww/en/download/document/SEVD-2020-161-04Vendor Advisory
FAQ
What is CVE-2020-7509?
CVE-2020-7509 is a vulnerability with a CVSS score of 7.2 (HIGH). A CWE-269: Improper privilege management (write) vulnerability exists in Easergy T300 (Firmware version 1.5.2 and older) which could allow an attacker to elevate their privileges and delete files.
How severe is CVE-2020-7509?
CVE-2020-7509 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-7509?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Easergy T300 Firmware, Schneider-Electric Easergy T300.