CVE-2020-28212

Published: Nov 19, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus.

Vendor	Product	Versions
n/a	PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)	affected `PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)`

Weaknesses (CWE)

CWE-307

References

https://www.se.com/ww/en/download/document/SEVD-2020-315-07

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-28212

Description

Affected Products

Weaknesses (CWE)

References