CVE-2020-28220
MEDIUMModicon M258 Firmware < 5.0.4.11 and SoMachine/SoMachine Motion - Buffer Overflow via File Transfer
Title source: llmDescription
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.se.com/ww/en/download/document/SEVD-2020-343-09/
Scores
CVSS v3
6.8
EPSS
0.0027
EPSS Percentile
50.9%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (3)
schneider-electric/modicon_m258_firmware
< 5.0.4.11
schneider-electric/somachine
schneider-electric/somachine_motion
Published
Dec 11, 2020
Tracked Since
Feb 18, 2026