CVE-2020-7559

Summary

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus.

Affected Software

VendorProductVersion RangeStatus
n/aPLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions)affected

Weaknesses

  • CWE-120: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

ADP Enrichment

CVE Program Container

Additional References

References