CVE-2020-37143

HIGH

ProficySCADA for iOS <5.0.25920 - DoS

Title source: llm

Description

ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the password input field. Attackers can overwrite the password field with 257 bytes of repeated characters to trigger an application crash and prevent successful authentication.

Exploits (1)

exploitdb WORKING POC

by Ivan Marmolejo · pythondosios

https://www.exploit-db.com/exploits/48236

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/48236

[Various Sources] https://download.cnet.com/proficyscada/3000-2064_4-75728256.html

[Third Party Advisory] https://www.vulncheck.com/advisories/proficyscada-for-ios-password-denial-of-service

Scores

CVSS v3 7.5

EPSS 0.0002

EPSS Percentile 6.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-770

Status published

Products (1)

GE Intelligent Platforms, Inc./ProficySCADA for iOS 5.0.25920

Published Feb 05, 2026

Tracked Since Feb 18, 2026