Vulnerabilities > CVE-2020-28213 - Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when sending specially crafted requests over Modbus.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |