CVE-2020-10632
High
Published: 24 February 2022
Published
24 February 2022
Modified
21 November 2024
KEV Added
—
Patch
—
CVSS Score v3.1
8.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS Score
0.0008
23.6th percentile
Risk Priority
18
60% EPSS · 20% KEV · 20% CVSS
Summary
CVE-2020-10632 is a high-severity Improper Ownership Management (CWE-282) vulnerability in Emerson Openenterprise Scada Server. Its CVSS base score is 8.8 (High).
Operationally, ranked at the 23.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-3080
Vulnerability details
Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
emerson
openenterprise scada server
≤ 3.3.4
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.