A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSchneider Electric Ecostruxure Control Expert
APPSchneider-Electricwszystkie wersje
Powiązane podatności
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unaut...
A heap-based buffer overflow exists in XML Decompression DecodeTreeBlock in AT&T Labs Xmill 0.7. A crafted inp...
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V1...
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), ...
CWE-522: Insufficiently Protected Credentials vulnerability exists that could cause unauthorized access to th...