CVE-2020-28212

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*

History

31 Jan 2022, 19:33

Type Values Removed Values Added
First Time Schneider-electric ecostruxure Control Expert
Schneider-electric
CPE cpe:2.3:a:se:ecostruxure_control_expert:*:*:*:*:*:*:*:* cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*

Information

Published : 2020-11-19 22:15

Updated : 2023-12-10 13:41


NVD link : CVE-2020-28212

Mitre link : CVE-2020-28212

CVE.ORG link : CVE-2020-28212


JSON object : View

Products Affected

schneider-electric

  • ecostruxure_control_expert
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts