Lucene search

[email protected]CVE-2020-8975

HistoryOct 17, 2022 - 10:15 p.m.

CVE-2020-8975

2022-10-1722:15:10

CWE-200

CWE-201

[email protected]

web.nvd.nist.gov

cve-2020-8975

zgr tps200 ng

firmware

hardware

remote access

sensitive information

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.3%

JSON

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes (URIs) used by the application, to access sensitive information about the system.

Affected configurations

Vulners

NVD

Node

zigorzgr_tps200_ngRange≤2.00 firmware version 2.00

zigorzgr_tps200_ngRange≤1.01 hardware version 1.01

CPENameOperatorVersion
zigor:zgr_tps200_ng_firmwarezigor zgr tps200 ng firmwareeq2.00

CPE	Name	Operator	Version
zigor:zgr_tps200_ng_firmware	zigor zgr tps200 ng firmware	eq	2.00

CNA Affected

[
  {
    "vendor": "ZGR",
    "product": "ZGR TPS200 NG",
    "versions": [
      {
        "version": "2.00 firmware version 2.00",
        "status": "affected"
      },
      {
        "version": "1.01 hardware version 1.01",
        "status": "affected"
      }
    ]
  }
]

References

www.incibe-cert.es/en/early-warning/ics-advisories/multiple-vulnerabilities-zgr-tps200-ng

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.3%

JSON

Related for CVE-2020-8975

nvd1 prion1 cvelist1