CVE-2020-28212

CVE-2020-28212

Vendor N/A
Product PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)
Weakness CWE-307 · Brute force
Published November 19, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus.

Key dates

02Disclosure timeline

November 19, 2020 CVE published
August 4, 2024 Record updated