Design/Logic Flaw

2021-12-2813:15:00

PRIOn knowledge base

www.prio-n.com

9.4 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.2%

JSON

An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.

CPENameOperatorVersion
data_file_managerle2.12.1
ft1a_smartaxix_lite_firmwarele2.31
ft1a_smartaxix_pro_firmwarele2.31
microsmart_fc6a_firmwarele2.32
microsmart_fc6b_firmwarele2.31
microsmart_plus_fc6a_firmwarele1.91
microsmart_plus_fc6b_firmwarele2.31
windeditle1.3.1
windldrle8.19.1

Name	Operator	Version
data_file_manager	le	2.12.1
ft1a_smartaxix_lite_firmware	le	2.31
ft1a_smartaxix_pro_firmware	le	2.31
microsmart_fc6a_firmware	le	2.32
microsmart_fc6b_firmware	le	2.31
microsmart_plus_fc6a_firmware	le	1.91
microsmart_plus_fc6b_firmware	le	2.31
windedit	le	1.3.1
windldr	le	8.19.1