CVE-2020-7567

CVE-2020-7567

Vendor N/A
Product Modicon M221, all references, all versions
Weakness CWE-311 · Missing encryption
Published November 19, 2020
Last update May 29, 2026

CVSS base score

What the vulnerability does

01Description

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke the encryption keys.

Key dates

02Disclosure timeline

November 19, 2020 CVE published
May 29, 2026 Record updated