CVE-2020-28214

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide.
References
Link Resource
https://www.se.com/ww/en/download/document/SEVD-2020-315-05/ Vendor Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-20-343-04 Third Party Advisory US Government Resource
Configurations

Configuration 1


Information

Published : 2020-12-11 01:15

Updated : 2022-02-03 04:10


NVD link : CVE-2020-28214

Mitre link : CVE-2020-28214

CWE
CWE-760

Use of a One-Way Hash with a Predictable Salt