Описание
An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.
An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-37400
- https://jvn.jp/en/vu/JVNVU92279973
- https://us.idec.com/idec-us/en/USD/Programmable-Logic-Controller/Micro-PLC/FC6A-MicroSmart/c/MicroSmart_FC6A
- https://us.idec.com/idec-us/en/USD/Software-Downloads-Automation-Organizer
- https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf
Связанные уязвимости
CVSS3: 9.8
nvd
около 4 лет назад
An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.