Vulnerabilities > CVE-2020-10635 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Kuka SIM PRO 3.1

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

kuka

CWE-924

NVD

Published: 2022-02-24

Updated: 2022-03-04

Summary

Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext.

Vulnerable Configurations

Part	Description	Count
Application	Kuka Kuka SIM PRO 3.1	1

Common Weakness Enumeration (CWE)

CWE-924 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel

References

https://www.cisa.gov/uscert/ics/advisories/icsa-20-098-05