CVE-2024-41927

Sept. 4, 2024, 1:05 p.m.

Undergoing Analysis
CVE has been recently published to the CVE List and has been received by the NVD.

Products

IDEC PLC

Source

vultures@jpcert.or.jp

Tags

CVE-2024-41927 details

Published : Sept. 4, 2024, 1:15 a.m.
Last Modified : Sept. 4, 2024, 1:05 p.m.

Description

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated.

CVSS Score

1 2 3 4 5 6 7 8 9 10

Weakness

Weakness Name Description

References

URL Source
https://jvn.jp/en/vu/JVNVU96959731/ vultures@jpcert.or.jp
https://us.idec.com/media/24-RD-0256-EN.pdf vultures@jpcert.or.jp
This website uses the NVD API, but is not approved or certified by it.