CVE-2020-10620

EPSS 1.2%CWE-285

Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely.

Affected products

n/a · Opto 22 SoftPAC Project

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.us-cert.gov/ics/advisories/icsa-20-135-01