Vulnerability in Schneider-electric Vijeo_designer
CVE-2020-7501
A CWE-798: Use of Hard-coded Credentials vulnerability exists in Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior) which could cause unauthorized read and write when downloading and uploading project o…
EPSS: 0.011 (62.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Schneider-electric Vijeo_designer — versions 1.1, 6.9
- N/a Vijeo Designer Basic (V1.1 Hotfix 16 And Prior) (V6.2 Sp9 — versions Vijeo Designer Basic (V1.1 HotFix 16 and prior) and Vijeo Designer (V6.2 SP9 and prior)
Weakness classification (CWE)
References
- cybersecurity@se.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-7501?
- CVE-2020-7501 is a high-severity vulnerability in Schneider-electric Vijeo_designer, classified under Use of Hard-coded Credentials. CVSS score: 8.8/10. Published 2020-06-16.
- How severe is CVE-2020-7501?
- High severity. CVSS v3 base score is 8.8 out of 10.