CVE-2020-10634

Summary

SAE IT-systems FW-50 Remote Telemetry Unit (RTU). A specially crafted request could allow an attacker to view the file structure of the affected device and access files that should be inaccessible.

Affected Software

VendorProductVersion RangeStatus
n/aSAE IT-systems FW-50 Remote Telemetry Unit (RTU)FW-50 RTU, Series: 5 Seriesaffected
n/aSAE IT-systems FW-50 Remote Telemetry Unit (RTU)CPU-type: CPU-5Baffected
n/aSAE IT-systems FW-50 Remote Telemetry Unit (RTU)Hardware Revision: 2affected
n/aSAE IT-systems FW-50 Remote Telemetry Unit (RTU)CPLD Revision: 6affected

Weaknesses

  • CWE-22: IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22

ADP Enrichment

CVE Program Container

Additional References

References