1. CVE-Search
  2. CVE-2020-10620
ID CVE-2020-10620
Summary Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely.
References
Vulnerable Configurations
  • cpe:2.3:a:opto22:softpac_project:-:*:*:*:*:*:*:*
    cpe:2.3:a:opto22:softpac_project:-:*:*:*:*:*:*:*
  • cpe:2.3:a:opto22:softpac_project:9.6:*:*:*:*:*:*:*
    cpe:2.3:a:opto22:softpac_project:9.6:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 18-05-2020 - 13:15)
Impact:
Exploitability:
CWE CWE-862
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
misc https://www.us-cert.gov/ics/advisories/icsa-20-135-01
Last major update 18-05-2020 - 13:15
Published 14-05-2020 - 21:15
Last modified 18-05-2020 - 13:15
Back to Top