CVE-2020-37143

HIGH

ProficySCADA for iOS <5.0.25920 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37143. PoCs published by Ivan Marmolejo.

AI-analyzed exploit summary This exploit demonstrates a local Denial of Service (DoS) vulnerability in ProficySCADA for iOS by sending a 257-byte buffer of 'A' characters as a password, causing the application to crash. The PoC is straightforward and relies on clipboard input to trigger the crash.

Description

ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the password input field. Attackers can overwrite the password field with 257 bytes of repeated characters to trigger an application crash and prevent successful authentication.

Exploits (1)

exploitdb WORKING POC
by Ivan Marmolejo · pythondosios
https://www.exploit-db.com/exploits/48236

This exploit demonstrates a local Denial of Service (DoS) vulnerability in ProficySCADA for iOS by sending a 257-byte buffer of 'A' characters as a password, causing the application to crash. The PoC is straightforward and relies on clipboard input to trigger the crash.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: ProficySCADA for iOS 5.0.25920
No auth needed
Prerequisites: Access to the target iOS device · ProficySCADA for iOS installed · Ability to run Python script and copy clipboard content
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 7.5
EPSS 0.0034
EPSS Percentile 25.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-770
Status published
Products (1)
GE Intelligent Platforms, Inc./ProficySCADA for iOS 5.0.25920
Published Feb 05, 2026
Tracked Since Feb 18, 2026