{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T17:22:33.063","vulnerabilities":[{"cve":{"id":"CVE-2020-28211","sourceIdentifier":"cybersecurity@se.com","published":"2020-11-19T22:15:13.410","lastModified":"2024-11-21T05:22:28.933","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause bypass of authentication when overwriting memory using a debugger."},{"lang":"es","value":"CWE-863: Se presenta una vulnerabilidad Autorización Incorrecta en Simulador de PLC en EcoStruxureª Control Expert (ahora Unity Pro) (todas las versiones) que podría causar una omisión de la autenticación cuando se sobrescribe la memoria usando un depurador"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cybersecurity@se.com","type":"Secondary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*","matchCriteriaId":"18E8CCC1-A467-4FEF-964D-8481EAE892EC"}]}]}],"references":[{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-315-07","source":"cybersecurity@se.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.se.com/ww/en/download/document/SEVD-2020-315-07","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}