CVE-2020-7560 in Schneider Electric and Se Products
Published on December 11, 2020

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure Control Expert (all versions) and Unity Pro (former name of EcoStruxure Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure Control Expert software.

NVD

Weakness Type

Write-what-where Condition

Any condition where the attacker has the ability to write an arbitrary value to an arbitrary location, often as the result of a buffer overflow.

Products Associated with CVE-2020-7560

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-7560 are published in these products:

Schneider Electric Ecostruxure Control Expert

Schneider Electric Unity Pro

Se Ecostruxure Control Expert

Exploit Probability

EPSS

0.42%

Percentile

61.38%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-7560 in Schneider Electric and Se ProductsPublished on December 11, 2020

Weakness Type

Write-what-where Condition

Products Associated with CVE-2020-7560

Exploit Probability

CVE-2020-7560 in Schneider Electric and Se Products
Published on December 11, 2020