Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-7486

**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause TCM modules to reset when under high network load in TCM v10.4.x and in system v10.3.x. This vulnerability was discovered and remediated in version v10.5.x on August 13, 2009. TCMs from v10.5.x and on will no longer exhibit this behavior.

Published

2020-04-16T19:15:34.823

Last Modified

2024-11-21T05:37:14.460

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-400

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	schneider-electric	tricon_tcm_4351_firmware	10.3.x	Yes
Operating System	schneider-electric	tricon_tcm_4351_firmware	10.4.x	Yes
Hardware	schneider-electric	tricon_tcm_4351	-	No
Operating System	schneider-electric	tricon_tcm_4352_firmware	10.3.x	Yes
Operating System	schneider-electric	tricon_tcm_4352_firmware	10.4.x	Yes
Hardware	schneider-electric	tricon_tcm_4352	-	No
Operating System	schneider-electric	tricon_tcm_4351a_firmware	10.3.x	Yes
Operating System	schneider-electric	tricon_tcm_4351a_firmware	10.4.x	Yes
Hardware	schneider-electric	tricon_tcm_4351a	-	No
Operating System	schneider-electric	tricon_tcm_4351b_firmware	10.3.x	Yes
Operating System	schneider-electric	tricon_tcm_4351b_firmware	10.4.x	Yes
Hardware	schneider-electric	tricon_tcm_4351b	-	No
Operating System	schneider-electric	tricon_tcm_4352a_firmware	10.3.x	Yes
Operating System	schneider-electric	tricon_tcm_4352a_firmware	10.4.x	Yes
Hardware	schneider-electric	tricon_tcm_4352a	-	No
Operating System	schneider-electric	tricon_tcm_4352b_firmware	10.3.x	Yes
Operating System	schneider-electric	tricon_tcm_4352b_firmware	10.4.x	Yes
Hardware	schneider-electric	tricon_tcm_4352b	-	No

References

https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 Third Party Advisory, US Government Resource ([email protected])
https://www.se.com/ww/en/download/document/SESB-2020-105-01 Vendor Advisory ([email protected])
https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://www.se.com/ww/en/download/document/SESB-2020-105-01 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)