{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T03:43:03.883","vulnerabilities":[{"cve":{"id":"CVE-2020-7559","sourceIdentifier":"cybersecurity@se.com","published":"2020-11-19T22:15:14.800","lastModified":"2026-06-17T03:25:00.460","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus."},{"lang":"es","value":"CWE-120: Se presenta una vulnerabilidad de Copia del Búfer sin Comprobar el Tamaño de la Entrada (\"Classic Buffer Overflow\") en el Simulador de PLC en EcoStruxureª Control Expert (ahora Unity Pro) (todas las versiones) que podría causar un bloqueo del simulador de PLC presente en el software EcoStruxureª Control Expert cuando recibe una petición especialmente diseñada mediante Modbus"}],"affected":[{"source":"cybersecurity@se.com","affectedData":[{"vendor":"n/a","product":"PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)","versions":[{"version":"PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:N/A:P","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-120"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*","matchCriteriaId":"18E8CCC1-A467-4FEF-964D-8481EAE892EC"}]}]}],"references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-315-07","source":"cybersecurity@se.com","tags":["Patch","Product","Vendor Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1140","source":"cybersecurity@se.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-315-07","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Product","Vendor Advisory"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2020-1140","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}