CVE-2020-28214

Name of the Vulnerable Software and Affected Versions Modicon M221 (all versions)

Description A vulnerability exists that could allow an attacker to pre-compute the hash value using dictionary attack techniques such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide. This issue is related to the use of a one-way hash with a predictable salt.

Recommendations For Modicon M221, consider implementing an unpredictable salt to prevent pre-computation of hash values. As a temporary workaround, restrict access to sensitive areas where the hash is used until a more secure hashing mechanism is implemented.