CVE-2024-43099 AutomationDirect DirectLogic H2-DM1E Authentication Bypass by Capture-replay
The session hijacking attack targets the application layer's control mechanism, which manages authenticated sessions between a host PC and a PLC. During such sessions, a session key is utilized to maintain security. However, if an attacker captures this session key, they can inject traffic into a...