{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-03T15:42:41.757","vulnerabilities":[{"cve":{"id":"CVE-2020-6970","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2020-02-19T21:15:11.653","lastModified":"2026-06-17T03:24:02.360","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server."},{"lang":"es","value":"Se encontró un desbordamiento de búfer en la región heap de la memoria en Emerson OpenEnterprise SCADA Server versión 2.83 (si las Interfaces Modbus o ROC se han instalado y están en uso) y todas las versiones de OpenEnterprise 3.1 hasta 3.3.3, donde un script especialmente diseñado podría ejecutar código en el OpenEnterprise Server."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"Emerson","product":"OpenEnterprise SCADA Server","versions":[{"version":"2.83 (if Modbus or ROC Interfaces have been installed and are in use)","status":"affected"}]},{"vendor":"Emerson","product":"OpenEnterprise","versions":[{"version":"3.1 through 3.3.3","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:emerson:openenterprise_scada_server:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1","versionEndIncluding":"3.3.3","matchCriteriaId":"271688F8-AB9E-43BE-B46E-517F78D3D650"},{"vulnerable":true,"criteria":"cpe:2.3:a:emerson:openenterprise_scada_server:2.8.3:*:*:*:*:*:*:*","matchCriteriaId":"652B19A1-64C4-4AD0-8833-BA076979B245"}]}]}],"references":[{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-049-02","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.us-cert.gov/ics/advisories/icsa-20-049-02","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}