CVE-2020-7532

DESERIALIZATION OF UNTRUSTED DATA CWE-502
A vulnerability exists in SCADAPack x70 Security Administrator (V1.2.0 and prior) which could allow arbitrary code execution when an attacker builds a custom .SDB file containing a malicious serialized buffer.

Risk Information

  • CVE ID
  • CVE-2020-7532
  • Vendor
  • Schneider Electric
  • Product
  • SCADAPack
  • CVSS v3
  • 7.8