PT-2020-6331 · Schneider Electric · Vijeo Designer Basic, Vijeo Designer

Published: 2020-05-12 · Updated: 2022-01-31 · CVE-2020-7501

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C

Name of the Vulnerable Software and Affected Versions

Vijeo Designer Basic versions V1.1 HotFix 16 and prior
Vijeo Designer versions V6.2 SP9 and prior

Description

The issue is related to the use of hard-coded credentials. Exploitation of this issue may allow a remote attacker to gain unauthorized access to protected information. This could result in unauthorized read and write operations when downloading and uploading projects or firmware into Vijeo Designer Basic and Vijeo Designer.

Recommendations

For Vijeo Designer Basic versions V1.1 HotFix 16 and prior, update to a version later than V1.1 HotFix 16 to resolve the issue. For Vijeo Designer versions V6.2 SP9 and prior, update to a version later than V6.2 SP9 to resolve the issue. As a temporary workaround, consider restricting access to the download and upload functions in Vijeo Designer Basic and Vijeo Designer until a patch is available.

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2021-04194
CVE-2020-7501

Affected Products

Vijeo Designer
Vijeo Designer Basic