Описание
The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session.
EPSS
Процентиль: 16%
0.00051
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-321
Связанные уязвимости
CVSS3: 5.3
github
5 месяцев назад
The use of a hard-coded cryptographic key was discovered in firmware version 3.60 of the Click Plus PLC. The vulnerability relies on the fact that the software contains a hard-coded AES key used to protect the initial messages of a new KOPS session.
EPSS
Процентиль: 16%
0.00051
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-321