CVE-2020-10609 Vulnerability Details

  /     /     /  

CVE-2020-10609 Metadata Quick Info

CVE Published: 27/07/2020 | CVE Updated: 17/09/2024 | CVE Year: 2020
Source: icscert | Vendor: Grundfos | Product: CIM 500
Status : PUBLISHED

---

CVE-2020-10609 Description

Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-256
CWE Name: UNPROTECTED STORAGE OF CREDENTIALS CWE-256
Source: Grundfos

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).