CVE-2020-7486
HIGHSchneider Electric Triconex TCM 4351/4352 Firmware v10.4.x and v10.3.x - Denial of Service via High Network Load
Title source: llmDescription
**VERSION NOT SUPPORTED WHEN ASSIGNED** A vulnerability could cause TCM modules to reset when under high network load in TCM v10.4.x and in system v10.3.x. This vulnerability was discovered and remediated in version v10.5.x on August 13, 2009. TCMs from v10.5.x and on will no longer exhibit this behavior.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_misc
https://www.se.com/ww/en/download/document/SESB-2020-105-01
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/icsa-20-205-01
Scores
CVSS v3
7.5
EPSS
0.0030
EPSS Percentile
53.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-400
Status
published
Products (12)
schneider-electric/tricon_tcm_4351_firmware
10.3.x
schneider-electric/tricon_tcm_4351_firmware
10.4.x
schneider-electric/tricon_tcm_4351a_firmware
10.3.x
schneider-electric/tricon_tcm_4351a_firmware
10.4.x
schneider-electric/tricon_tcm_4351b_firmware
10.3.x
schneider-electric/tricon_tcm_4351b_firmware
10.4.x
schneider-electric/tricon_tcm_4352_firmware
10.3.x
schneider-electric/tricon_tcm_4352_firmware
10.4.x
schneider-electric/tricon_tcm_4352a_firmware
10.3.x
schneider-electric/tricon_tcm_4352a_firmware
10.4.x
... and 2 more
Published
Apr 16, 2020
Tracked Since
Feb 18, 2026