CVE-2024-41716

Sept. 4, 2024, 1:05 p.m.

Undergoing Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

WindLDR

WindO/I-NV4

Source

vultures@jpcert.or.jp

Tags

CVE-2024-41716 details

Published : Sept. 4, 2024, 1:15 a.m.
Last Modified : Sept. 4, 2024, 1:05 p.m.

Description

Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate and/or suspend the PLC and Operator Interfaces by accessing or hijacking them.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://jvn.jp/en/jp/JVN08342147/ vultures@jpcert.or.jp
https://us.idec.com/media/24-RD-0219-EN.pdf vultures@jpcert.or.jp
This website uses the NVD API, but is not approved or certified by it.