Improper Enforcement of Message Integrity During Transmission in a Communication Channel
CVE-2020-10635
Summary
Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext.
- LOW
- NETWORK
- LOW
- UNCHANGED
- REQUIRED
- NONE
- NONE
- NONE
CWE-924 - Improper Enforcement of Message Integrity During Transmission in a Communication Channel
The software establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.
References
Advisory Timeline
- Published