CVE-2020-28213

CVE-2020-28213

Vendor N/A
Product PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)
Weakness CWE-494 · Download without integrity check
Published November 19, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when sending specially crafted requests over Modbus.

Key dates

02Disclosure timeline

November 19, 2020 CVE published
August 4, 2024 Record updated