CVE-2020-7498

CVE-2020-7498

Vendor N/A
Product Unity Loader and OS Loader Software (All versions)
Weakness CWE-798 · Hardcoded credentials
Published June 16, 2020
Last update August 4, 2024

CVSS base score

What the vulnerability does

01Description

A CWE-798: Use of Hard-coded Credentials vulnerability exists in the Unity Loader and OS Loader Software (all versions). The fixed credentials are used to simplify file transfer. Today the use of fixed credentials is considered a vulnerability, which could cause unauthorized access to the file transfer service provided by the Modicon PLCs. This could result in various unintended results.

Key dates

02Disclosure timeline

June 16, 2020 CVE published
August 4, 2024 Record updated