Lucene search

Unity Pro Security Vulnerabilities - 2020

cve

CVE-2019-6855

Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between Ec...

7.3CVSS

7.2AI Score

0.001EPSS

2020-01-06 11:15 PM

148

cve

CVE-2020-7475

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (...

9.8CVSS

9.2AI Score

0.002EPSS

2020-03-23 07:15 PM

cve

CVE-2020-7560

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Con...

8.6CVSS

8.7AI Score

0.001EPSS

2020-12-11 01:15 AM