An incorrect authentication vulnerability has been found in Socomec Net Vision affecting version 7.20. This vulnerability allows an attacker to perform a brute force attack on the application and recover a valid session, because the application uses a five-digit integer value.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.