Описание
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variables beyond their intended authorization level.
EPSS
Процентиль: 7%
0.0003
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 6.8
github
около 2 месяцев назад
An authorization bypass vulnerability has been discovered in the Click Plus C2-03CPU2 device firmware version 3.60. Through the KOPR protocol utilized by the Remote PLC application, authenticated users with low-level access permissions can exploit this vulnerability to read and modify PLC variables beyond their intended authorization level.
EPSS
Процентиль: 7%
0.0003
Низкий
6.8 Medium
CVSS3
Дефекты
CWE-862