Design/Logic Flaw

2020-11-1922:15:00

PRIOn knowledge base

www.prio-n.com

8.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.7%

JSON

A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when sending specially crafted requests over Modbus.

References

www.se.com/ww/en/download/document/SEVD-2020-315-07