CVE-2024-41927 Information

Sep 05, 2024 cve

Description

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC’s serial communication port user credentials may be obtained. As a result the program of the PLC may be obtained and the PLC may be manipulated.

Reference

https://us.idec.com/media/24-RD-0256-EN.pdf https://jvn.jp/en/vu/JVNVU96959731/

Share on: