Opto22 Softpac Project — known CVE vulnerabilities
Every CVE whose affected-product data names Opto22 Softpac Project, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2020-10620 — CVSS 9.8 (critical): Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network…
CVE-2020-10612 — CVSS 9.1 (critical): Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is…
CVE-2020-10616 — CVSS 8.8 (high): Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker…
CVE-2020-12042 — CVSS 6.5 (medium): Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized…
CVE-2020-12046 — CVSS 5.7 (medium): Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC’s firmware files’ signatures are not verified upon firmware update. This allows…