{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T08:10:57.710","vulnerabilities":[{"cve":{"id":"CVE-2020-10615","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-04-15T19:15:13.753","lastModified":"2024-11-21T04:55:42.243","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers cause a denial-of-service condition due to a lack of proper validation of the length of user-supplied data, prior to copying it to a fixed-length stack-based buffer. Authentication is not required to exploit this vulnerability."},{"lang":"es","value":"Triangle MicroWorks SCADA Data Gateway versiones 3.02.0697 hasta 4.0.122, versiones 2.41.0213 hasta 4.0.122, permite a atacantes remotos causar una condición de denegación de servicio debido a la falta de una comprobación apropiada de la longitud de datos suministrados por el usuario, antes de copiar en un búfer en la región stack de la memoria de longitud fija. No es requerida una autenticación para explotar esta vulnerabilidad."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:trianglemicroworks:scada_data_gateway:*:*:*:*:*:*:*:*","versionStartIncluding":"2.41.0213","versionEndIncluding":"4.0.122","matchCriteriaId":"3F22582F-32D4-4E3A-AF76-CDB180CC0D03"}]}]}],"references":[{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-105-03","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-547/","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-105-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-547/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}