M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage.
References
Link | Resource |
---|---|
https://cert.vde.com/en-us/advisories/vde-2020-038 | Not Applicable Third Party Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-21-021-05 | Third Party Advisory US Government Resource |
https://cert.vde.com/en-us/advisories/vde-2020-038 | Not Applicable Third Party Advisory |
https://us-cert.cisa.gov/ics/advisories/icsa-21-021-05 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
History
21 Nov 2024, 04:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://cert.vde.com/en-us/advisories/vde-2020-038 - Not Applicable, Third Party Advisory | |
References | () https://us-cert.cisa.gov/ics/advisories/icsa-21-021-05 - Third Party Advisory, US Government Resource | |
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.3 |
10 Feb 2022, 17:57
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-021-05 - Third Party Advisory, US Government Resource | |
CPE | cpe:2.3:a:weidmueller:wi_manager:*:*:*:*:*:*:*:* |
Information
Published : 2021-01-22 19:15
Updated : 2024-11-21 04:59
NVD link : CVE-2020-12525
Mitre link : CVE-2020-12525
CVE.ORG link : CVE-2020-12525
JSON object : View
Products Affected
pepperl-fuchs
- io-link_master_8-pnio
- io-link_master_dr-8-pnio-p
- io-link_master_8-pnio-l
- io-link_master_firmware
- io-link_master_dr-8-eip-p
- io-link_master_4-eip
- io-link_master_8-eip-l
- io-link_master_4-pnio
- io-link_master_dr-8-eip-t
- io-link_master_8-eip
- io-link_master_dr-8-pnio-t
- io-link_master_dr-8-pnio
- pactware
- io-link_master_dr-8-eip
wago
- fdtcontainer_application
- fdtcontainer_component
- dtminspector_3
emerson
- rosemount_transmitter_interface_software
weidmueller
- wi_manager
CWE
CWE-502
Deserialization of Untrusted Data