Strix
26.1K

CVE-2020-7485

CRITICALCVSS 9.8/10EPSS 1.81%

Last modified

CVE-2020-7485 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. **VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1. EPSS estimates a 1.81% chance of exploitation in the next 30 days.

Description

**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1

Metrics

CVSS 3.1
9.8/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
1.81%

75.9th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
Schneider-ElectricTristation 1131>= 1.0.0, <= 4.9.0
Schneider-ElectricTristation 11314.10.0
Schneider-ElectricTristation 11314.12.0

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2020-7485?
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
How severe is CVE-2020-7485?
CVE-2020-7485 has a CVSS score of 9.8/10 (CRITICAL severity). The EPSS model estimates a 1.81% probability of exploitation in the next 30 days.
How do I fix CVE-2020-7485?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2020-7485?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST