Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.4
CVSSv2

CVE-2020-27267

Published: 14/01/2021 Updated: 21/01/2021
CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 570
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Subscribe to Ge

Vulnerability Summary

KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an malicious user to crash the server and potentially leak data.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ge industrial gateway server 7.66

ge industrial gateway server 7.68.804

ptc kepware kepserverex 6.0

ptc kepware kepserverex 6.9

ptc opc-aggregator -

ptc thingworx industrial connectivity -

ptc thingworx kepware server 6.8

ptc thingworx kepware server 6.9

rockwellautomation kepserver enterprise 6.6.504.0

rockwellautomation kepserver enterprise 6.9.572.0

softwaretoolbox top server

References

CWE-787https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook