Vulnerability in Schneider-electric Vijeo_designer

CVE-2020-7501

A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project o…

EPSS: 0.011 (62.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

  • Schneider-electric Vijeo_designer — versions 1.1, 6.9
  • N/a Vijeo Designer Basic (V1.1 Hotfix 16 And Prior) (V6.2 Sp9 — versions Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior)

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2020-7501?
CVE-2020-7501 is a high-severity vulnerability in Schneider-electric Vijeo_designer, classified under Use of Hard-coded Credentials. CVSS score: 8.8/10. Published 2020-06-16.
How severe is CVE-2020-7501?
High severity. CVSS v3 base score is 8.8 out of 10.