Lucene search

INCIBECVELIST:CVE-2020-8975

HistorySep 30, 2022 - 12:00 a.m.

CVE-2020-8975 ZGR TPS200 NG Information Exposure

2022-09-3000:00:00

CWE-201

INCIBE

www.cve.org

cve-2020-8975

zgr tps200 ng

information exposure

firmware v2.00

hardware v1.01

remote attacker

web application

sensitive information.

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.3%

JSON

ZGR TPS200 NG in its 2.00 firmware version and 1.01 hardware version, allows a remote attacker with access to the web application and knowledge of the routes (URIs) used by the application, to access sensitive information about the system.

CNA Affected

[
  {
    "vendor": "ZGR",
    "product": "ZGR TPS200 NG",
    "versions": [
      {
        "version": "2.00 firmware version 2.00",
        "status": "affected"
      },
      {
        "version": "1.01 hardware version 1.01",
        "status": "affected"
      }
    ]
  }
]

References

www.incibe-cert.es/en/early-warning/ics-advisories/multiple-vulnerabilities-zgr-tps200-ng

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.3%

JSON

Related for CVELIST:CVE-2020-8975