CVE-2020-6972

EPSS 1.3%CWE-294

In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authentication may be bypassed by a capture-replay attack from a web browser.

Produtos afetados

Honeywell · Notifier Web Server (NWS) Version 3.50 and earlier

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.us-cert.gov/ics/advisories/icsa-20-051-03