{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T02:26:25.519","vulnerabilities":[{"cve":{"id":"CVE-2020-6655","sourceIdentifier":"CybersecurityCOE@eaton.com","published":"2021-01-07T18:15:13.857","lastModified":"2024-11-21T05:36:06.363","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to Out-of-bounds remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user to upload the malformed .E70 file in the application. The vulnerability arises due to improper validation and parsing of the E70 file content by the application."},{"lang":"es","value":"El software easySoft de Eaton versión v7.xx y anterior a la v7.22 es susceptible a la vulnerabilidad de ejecución remota de código fuera de límites. Una entidad maliciosa puede ejecutar un código malicioso o hacer que la aplicación se bloquee engañando al usuario para que cargue el archivo .E70 malformado en la aplicación. La vulnerabilidad surge debido a una validación y análisis inadecuados del contenido del archivo E70 por parte de la aplicación"}],"metrics":{"cvssMetricV31":[{"source":"CybersecurityCOE@eaton.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:L","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.0,"impactScore":4.7},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:P/I:P/A:P","baseScore":6.8,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"CybersecurityCOE@eaton.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-125"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:eaton:easysoft:*:*:*:*:*:*:*:*","versionStartIncluding":"7.00","versionEndExcluding":"7.22","matchCriteriaId":"9B48E09D-AA56-4B08-B4BD-74726DE49BFA"}]}]}],"references":[{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-007-03","source":"CybersecurityCOE@eaton.com","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/easySoft-eaton-vulnerability-advisory.pdf","source":"CybersecurityCOE@eaton.com","tags":["Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-1443/","source":"CybersecurityCOE@eaton.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://us-cert.cisa.gov/ics/advisories/icsa-21-007-03","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/easySoft-eaton-vulnerability-advisory.pdf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://www.zerodayinitiative.com/advisories/ZDI-20-1443/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}