A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause bypass of authentication when overwriting memory using a debugger.
References
Link | Resource |
---|---|
https://www.se.com/ww/en/download/document/SEVD-2020-315-07 | Patch Vendor Advisory |
Configurations
History
31 Jan 2022, 19:33
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:* | |
First Time |
Schneider-electric ecostruxure Control Expert
Schneider-electric |
Information
Published : 2020-11-19 22:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-28211
Mitre link : CVE-2020-28211
CVE.ORG link : CVE-2020-28211
JSON object : View
Products Affected
schneider-electric
- ecostruxure_control_expert
CWE
CWE-863
Incorrect Authorization