MEDIUM🇬🇧 English

CVE-2020-28214

CVSS 5.5v3.1pub. 2020-12-11upd. 2026-05-28

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide.

oryginał EN
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
  • Schneider Electric Modicon M221

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modicon M221 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-7489CRITICAL9.8ten sam produkt

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') v...

CVE-2018-7790CRITICAL9.8ten sam produkt

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all referen...

CVE-2018-7791CRITICAL9.8ten sam produkt

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 produc...

CVE-2020-7565HIGH7.3ten sam produkt

A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) ...

CVE-2020-7566HIGH7.3ten sam produkt

A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 (all references, all versions) th...

CVE-2020-28214 — MEDIUM 5.5 | CVEbaza.pl