Lucene search

JpcertCVE-2024-41927

HistorySep 04, 2024 - 1:15 a.m.

CVE-2024-41927

2024-09-0401:15:11

CWE-319

jpcert

web.nvd.nist.gov

cve-2024-41927

cleartext transmission

sensitive information

idec plcs

serial communication port

user credentials

program manipulation

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

21.4%

JSON

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC’s serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated.

Affected configurations

Nvd

Vulners

Node

ideckit-fc6a-24-kc_firmwareRange≤2.60

AND

ideckit-fc6a-24-kcMatch-

Node

ideckit-fc6a-24-pc_firmwareRange≤2.60

AND

ideckit-fc6a-24-pcMatch-

Node

ideckit-fc6a-24-ra_firmwareRange≤2.60

AND

ideckit-fc6a-24-raMatch-

Node

ideckit-fc6a-24-ra-hg1g_firmwareRange≤2.60

AND

ideckit-fc6a-24-ra-hg1gMatch-

Node

ideckit-fc6a-24-ra-hg2g-5tn_firmwareRange≤2.60

AND

ideckit-fc6a-24-ra-hg2g-5tnMatch-

Node

ideckit-fc6a-24-ra-hg2g-5tt_firmwareRange≤2.60

AND

ideckit-fc6a-24-ra-hg2g-5ttMatch-

Node

ideckit-fc6a-24-rc-hg1g_firmwareRange≤2.60

AND

ideckit-fc6a-24-rc-hg1gMatch-

Node

ideckit-fc6a-24-rc_firmwareRange≤2.60

AND

ideckit-fc6a-24-rcMatch-

Node

ideckit-fc6a-24-rc-hg2g-5tn_firmwareRange≤2.60

AND

ideckit-fc6a-24-rc-hg2g-5tnMatch-

Node

ideckit-fc6a-24-rc-hg2g-5tt_firmwareRange≤2.60

AND

ideckit-fc6a-24-rc-hg2g-5ttMatch-

Node

ideckit-fc6a-c24r-hg2g-vhp_firmwareRange≤2.60

AND

ideckit-fc6a-c24r-hg2g-vhpMatch-

Node

ideckit-fc6a-c24r-hg3g-v8hp_firmwareRange≤2.60

AND

ideckit-fc6a-c24r-hg3g-v8hpMatch-

Node

ideckit-fc6a-c24r-hg3g-vahp_firmwareRange≤2.60

AND

ideckit-fc6a-c24r-hg3g-vahpMatch-

Node

ideckit-fc6a-c24r-hg4g-vhp_firmwareRange≤2.60

AND

ideckit-fc6a-c24r-hg4g-vhpMatch-

Node

ideckit-fc6a-c24r-hg5g-vhp_firmwareRange≤2.60

AND

ideckit-fc6a-c24r-hg5g-vhpMatch-

Node

ideckit-fc6a-16-pc_firmwareRange≤2.6

AND

ideckit-fc6a-16-pcMatch-

Node

ideckit-fc6a-16-ra_firmwareRange≤2.60

AND

ideckit-fc6a-16-raMatch-

Node

ideckit-fc6a-16-kc_firmwareRange≤2.60

AND

ideckit-fc6a-16-kcMatch-

Node

ideckit-fc6a-16-ra-hg1g_firmwareRange≤2.60

AND

ideckit-fc6a-16-ra-hg1gMatch-

Node

ideckit-fc6a-16-ra-hg2g-5tn_firmwareRange≤2.60

AND

ideckit-fc6a-16-ra-hg2g-5tnMatch-

Node

ideckit-fc6a-16-ra-hg2g-5tt_firmwareRange≤2.60

AND

ideckit-fc6a-16-ra-hg2g-5ttMatch-

Node

ideckit-fc6a-16-rc_firmwareRange≤2.60

AND

ideckit-fc6a-16-rcMatch-

Node

ideckit-fc6a-16-rc-hg2g-5tn_firmwareRange≤2.60

AND

ideckit-fc6a-16-rc-hg2g-5tnMatch-

Node

ideckit-fc6a-16-rc-hg1g_firmwareRange≤2.60

AND

ideckit-fc6a-16-rc-hg1gMatch-

Node

ideckit-fc6a-16-rc-hg2g-5tt_firmwareRange≤2.60

AND

ideckit-fc6a-16-rc-hg2g-5ttMatch-

Node

ideckit-fc6a-16-kd_firmwareRange≤2.60

AND

ideckit-fc6a-16-kdMatch-

Node

ideckit-fc6a-16-pd_firmwareRange≤2.60

AND

ideckit-fc6a-16-pdMatch-

Node

ideckit-fc6a-c16r-hg2g-vhp_firmwareRange≤2.60

AND

ideckit-fc6a-c16r-hg2g-vhpMatch-

Node

ideckit-fc6a-c16r-hg3g-v8hp_firmwareRange≤2.60

AND

ideckit-fc6a-c16r-hg3g-v8hpMatch-

Node

ideckit-fc6a-c16r-hg3g-vahp_firmwareRange≤2.60

AND

ideckit-fc6a-c16r-hg3g-vahpMatch-

Node

ideckit-fc6a-c16r-hg5g-vhp_firmwareRange≤2.60

AND

ideckit-fc6a-c16r-hg5g-vhpMatch-

Node

ideckit-fc6a-c16r-hg5g-vhp_firmwareRange≤2.60

AND

ideckit-fc6a-c16r-hg5g-vhpMatch-

Node

ideckit-fc6a-16-rd_firmwareRange≤2.60

AND

ideckit-fc6a-16-rdMatch-

Node

ideckit-fc6a-16-rd_firmwareRange≤2.60

AND

ideckit-fc6a-16-rdMatch-

Node

ideckit-fc6a-40-kd_firmwareRange≤2.60

AND

ideckit-fc6a-40-kdMatch-

Node

ideckit-fc6a-40-pc_firmwareRange≤2.60

AND

ideckit-fc6a-40-pcMatch-

Node

ideckit-fc6a-40-pd_firmwareRange≤2.60

AND

ideckit-fc6a-40-pdMatch-

Node

ideckit-fc6a-40-ra_firmwareRange≤2.60

AND

ideckit-fc6a-40-raMatch-

Node

ideckit-fc6a-40-rd_firmwareRange≤2.60

AND

ideckit-fc6a-40-rdMatch-

Node

ideckit-fc6a-40-rc_firmwareRange≤2.60

AND

ideckit-fc6a-40-rcMatch-

Node

ideckit-fc6a-d16p-hg1g_firmwareRange≤2.40

AND

ideckit-fc6a-d16p-hg1gMatch-

Node

ideckit-fc6a-d16p-hg2g-5tn_firmwareRange≤2.40

AND

ideckit-fc6a-d16p-hg2g-5tnMatch-

Node

ideckit-fc6a-d16p-hg2g-5tt_firmwareRange≤2.40

AND

ideckit-fc6a-d16p-hg2g-5ttMatch-

Node

ideckit-fc6a-d16r-hg2g-5tn_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg2g-5tnMatch-

Node

ideckit-fc6a-d16r-hg2g-5tt_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg2g-5ttMatch-

Node

ideckit-fc6a-d16r-hg3g-v8hp_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg3g-v8hpMatch-

Node

ideckit-fc6a-d16r-hg3g-vahp_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg3g-vahpMatch-

Node

ideckit-fc6a-d16r-hg4g-vhp_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg4g-vhpMatch-

Node

ideckit-fc6a-d16r-hg5g-vhp_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg5g-vhpMatch-

Node

ideckit-fc6a-d16r-hg1g_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg1gMatch-

Node

ideckit-fc6a-d16r-hg2g-vhp_firmwareRange≤2.40

AND

ideckit-fc6a-d16r-hg2g-vhpMatch-

Node

ideckit-fc6a-p16-k_firmwareRange≤2.40

AND

ideckit-fc6a-p16-kMatch-

Node

ideckit-fc6a-p16-r_firmwareRange≤2.40

AND

ideckit-fc6a-p16-rMatch-

Node

ideckit-fc6a-p16-s_firmwareRange≤2.40

AND

ideckit-fc6a-p16-sMatch-

Node

idecft1a-h12ra_firmwareRange≤2.41

AND

idecft1a-h12raMatch-

Node

idecft1a-h24ra_firmwareRange≤2.41

AND

idecft1a-h24raMatch-

Node

idecft1a-h24rc_firmwareRange≤2.41

AND

idecft1a-h24rcMatch-

Node

idecft1a-h12rc_firmwareRange≤2.41

AND

idecft1a-h12rcMatch-

Node

idecft1a-b12ra_firmwareRange≤2.41

AND

idecft1a-b12raMatch-

Node

idecft1a-b24ra_firmwareRange≤2.41

AND

idecft1a-b24raMatch-

Node

ideckit-smart-12-bac_firmwareRange≤2.41

AND

ideckit-smart-12-bacMatch-

Node

ideckit-smart-12-hac_firmwareRange≤2.41

AND

ideckit-smart-12-hacMatch-

Node

ideckit-smart-12-bdc_firmwareRange≤2.41

AND

ideckit-smart-12-bdcMatch-

Node

ideckit-smart-12-hdc_firmwareRange≤2.41

AND

ideckit-smart-12-hdcMatch-

Node

ideckit-smart-24-hac_firmwareRange≤2.41

AND

ideckit-smart-24-hacMatch-

Node

ideckit-smart-24-bac_firmwareRange≤2.41

AND

ideckit-smart-24-bacMatch-

Node

ideckit-smart-24-bdc_firmwareRange≤2.41

AND

ideckit-smart-24-bdcMatch-

Node

ideckit-smart-24-hdc_firmwareRange≤2.41

AND

ideckit-smart-24-hdcMatch-

Node

ideckit-smart-40-bac-r_firmwareRange≤2.41

AND

ideckit-smart-40-bac-rMatch-

Node

ideckit-smart-40-bdc-rk_firmwareRange≤2.41

AND

ideckit-smart-40-bdc-rkMatch-

Node

ideckit-smart-40-bdc-rs_firmwareRange≤2.41

AND

ideckit-smart-40-bdc-rsMatch-

Node

ideckit-smart-40-hac-r_firmwareRange≤2.41

AND

ideckit-smart-40-hac-rMatch-

Node

ideckit-smart-40-hdc-rk_firmwareRange≤2.41

AND

ideckit-smart-40-hdc-rkMatch-

Node

ideckit-smart-48-bac-k_firmwareRange≤2.41

AND

ideckit-smart-48-bac-kMatch-

Node

ideckit-smart-40-hdc-rs_firmwareRange≤2.41

AND

ideckit-smart-40-hdc-rsMatch-

Node

ideckit-smart-48-bac-s_firmwareRange≤2.41

AND

ideckit-smart-48-bac-sMatch-

Node

ideckit-smart-48-bdc-k_firmwareRange≤2.41

AND

ideckit-smart-48-bdc-kMatch-

Node

ideckit-smart-48-hac-k_firmwareRange≤2.41

AND

ideckit-smart-48-hac-kMatch-

Node

ideckit-smart-48-hac-s_firmwareRange≤2.41

AND

ideckit-smart-48-hac-sMatch-

Node

ideckit-smart-48-hac-k_firmwareRange≤2.41

AND

ideckit-smart-48-hac-kMatch-

Node

ideckit-smart-48-hdc-s_firmwareRange≤2.41

AND

ideckit-smart-48-hdc-sMatch-

Node

ideckit-smart-48-bdc-s_firmwareRange≤2.41

AND

ideckit-smart-48-bdc-sMatch-

Node

idecft1a-pc1_firmwareRange≤2.41

AND

idecft1a-pc1Match-

Node

idecft1a-pc2_firmwareRange≤2.41

AND

idecft1a-pc2Match-

Node

idecft1a-pc3_firmwareRange≤2.41

AND

idecft1a-pc3Match-

Node

idecft1a-pm1_firmwareRange≤2.41

AND

idecft1a-pm1Match-

Node

idecft9z-1a01_firmwareRange≤2.41

AND

idecft9z-1a01Match-

Node

idecft9z-psp1pn05_firmwareRange≤2.41

AND

idecft9z-psp1pn05Match-

Node

idechg9z-xcm2a_firmwareRange≤2.41

AND

idechg9z-xcm2aMatch-

Node

ideckit-fc6a-d32p-hg1g_firmwareRange≤2.40

AND

ideckit-fc6a-d32p-hg1gMatch-

Node

ideckit-fc6a-d32p-hg2g-5tn_firmwareRange≤2.40

AND

ideckit-fc6a-d32p-hg2g-5tnMatch-

Node

ideckit-fc6a-d32p-hg2g-5tt_firmwareRange≤2.40

AND

ideckit-fc6a-d32p-hg2g-5ttMatch-

Node

ideckit-fc6a-p32-k_firmwareRange≤2.40

AND

ideckit-fc6a-p32-kMatch-

Node

ideckit-fc6a-p32-s_firmwareRange≤2.40

AND

ideckit-fc6a-p32-sMatch-

VendorProductVersionCPE
ideckit-fc6a-24-kc_firmware*cpe:2.3:o:idec:kit-fc6a-24-kc_firmware:*:*:*:*:*:*:*:*
ideckit-fc6a-24-kc-cpe:2.3:h:idec:kit-fc6a-24-kc:-:*:*:*:*:*:*:*
ideckit-fc6a-24-pc_firmware*cpe:2.3:o:idec:kit-fc6a-24-pc_firmware:*:*:*:*:*:*:*:*
ideckit-fc6a-24-pc-cpe:2.3:h:idec:kit-fc6a-24-pc:-:*:*:*:*:*:*:*
ideckit-fc6a-24-ra_firmware*cpe:2.3:o:idec:kit-fc6a-24-ra_firmware:*:*:*:*:*:*:*:*
ideckit-fc6a-24-ra-cpe:2.3:h:idec:kit-fc6a-24-ra:-:*:*:*:*:*:*:*
ideckit-fc6a-24-ra-hg1g_firmware*cpe:2.3:o:idec:kit-fc6a-24-ra-hg1g_firmware:*:*:*:*:*:*:*:*
ideckit-fc6a-24-ra-hg1g-cpe:2.3:h:idec:kit-fc6a-24-ra-hg1g:-:*:*:*:*:*:*:*
ideckit-fc6a-24-ra-hg2g-5tn_firmware*cpe:2.3:o:idec:kit-fc6a-24-ra-hg2g-5tn_firmware:*:*:*:*:*:*:*:*
ideckit-fc6a-24-ra-hg2g-5tn-cpe:2.3:h:idec:kit-fc6a-24-ra-hg2g-5tn:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
idec	kit-fc6a-24-kc_firmware	*	cpe:2.3:o:idec:kit-fc6a-24-kc_firmware::::::::
idec	kit-fc6a-24-kc	-	cpe:2.3:h:idec:kit-fc6a-24-kc:-:::::::*
idec	kit-fc6a-24-pc_firmware	*	cpe:2.3:o:idec:kit-fc6a-24-pc_firmware::::::::
idec	kit-fc6a-24-pc	-	cpe:2.3:h:idec:kit-fc6a-24-pc:-:::::::*
idec	kit-fc6a-24-ra_firmware	*	cpe:2.3:o:idec:kit-fc6a-24-ra_firmware::::::::
idec	kit-fc6a-24-ra	-	cpe:2.3:h:idec:kit-fc6a-24-ra:-:::::::*
idec	kit-fc6a-24-ra-hg1g_firmware	*	cpe:2.3:o:idec:kit-fc6a-24-ra-hg1g_firmware::::::::
idec	kit-fc6a-24-ra-hg1g	-	cpe:2.3:h:idec:kit-fc6a-24-ra-hg1g:-:::::::*
idec	kit-fc6a-24-ra-hg2g-5tn_firmware	*	cpe:2.3:o:idec:kit-fc6a-24-ra-hg2g-5tn_firmware::::::::
idec	kit-fc6a-24-ra-hg2g-5tn	-	cpe:2.3:h:idec:kit-fc6a-24-ra-hg2g-5tn:-:::::::*

Rows per page:

1-10 of 1821

CNA Affected

[
  {
    "vendor": "IDEC Corporation",
    "product": "FC6A Series MICROSmart All-in-One CPU module",
    "versions": [
      {
        "version": "Ver.2.60 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "IDEC Corporation",
    "product": "FC6B Series MICROSmart All-in-One CPU module",
    "versions": [
      {
        "version": "Ver.2.60 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "IDEC Corporation",
    "product": "FC6A Series MICROSmart Plus CPU module",
    "versions": [
      {
        "version": "Ver.2.40 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "IDEC Corporation",
    "product": "FC6B Series MICROSmart Plus CPU module",
    "versions": [
      {
        "version": "Ver.2.60 and earlier",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "IDEC Corporation",
    "product": "FT1A Series SmartAXIS Pro/Lite",
    "versions": [
      {
        "version": "Ver.2.41 and earlier",
        "status": "affected"
      }
    ]
  }
]

References

jvn.jp/en/vu/JVNVU96959731/

us.idec.com/media/24-RD-0256-EN.pdf

CVSS3

4.6

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

Low

EPSS

0.001

Percentile

21.4%

JSON

Related for CVE-2024-41927