3 matches found
CVE-2024-45368
The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execution, namely its acceptance of multiple distinct packets as valid authentication responses. This...
CVE-2024-45368
The H2-DM1E PLC's authentication protocol appears to utilize either a custom encoding scheme or a challenge-response protocol. However, there's an observed anomaly in the H2-DM1E PLC's protocol execution, namely its acceptance of multiple distinct packets as valid authentication responses. This...
CVE-2024-45368
CVE-2024-45368 affects AutomationDirect DirectLogic H2-DM1E PLC (versions 2.8.0 and earlier). The vulnerability stems from an authentication protocol that may accept multiple distinct packets as valid responses, enabling potential session hijacking or bypass. Reports cite session fixation and aut...