A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when sending specially crafted requests over Modbus.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-315-07 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: schneider
Published: 2020-11-19T21:03:54
Updated: 2020-11-19T21:03:54
Reserved: 2020-11-05T00:00:00
Link: CVE-2020-28213
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-11-19T22:15:13.597
Modified: 2022-01-31T19:33:27.457
Link: CVE-2020-28213
JSON object: View
Redhat Information
No data.
CWE