CVE-2024-41716
- EPSS 0.46%
- Veröffentlicht 04.09.2024 01:15:11
- Zuletzt bearbeitet 13.03.2025 15:15:47
Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a re...
CVE-2021-37400
- EPSS 0.7%
- Veröffentlicht 28.12.2021 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:15:05
An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.
CVE-2021-37401
- EPSS 0.7%
- Veröffentlicht 28.12.2021 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:15:05
An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded.
CVE-2021-20826
- EPSS 0.09%
- Veröffentlicht 24.12.2021 07:15:06
- Zuletzt bearbeitet 21.11.2024 05:47:14
Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, ...
CVE-2021-20827
- EPSS 0.15%
- Veröffentlicht 24.12.2021 07:15:06
- Zuletzt bearbeitet 21.11.2024 05:47:14
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and D...