EUVD-2024-39160

Malicious code in bioql PyPI...

CVE-2024-41716

Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate...

IDEC CORPORATION WindLDR and WindO/I-NV4

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.9 ATTENTION : Exploitable remotely Vendor : IDEC Corporation Equipment : WindLDR, WindO/I-NV4 Vulnerability : Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to obtain...

CVE-2024-41716

Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate...

CVE-2024-41716

Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate...

CVE-2024-41716

Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate...

CVE-2024-41716

CVE-2024-41716 affects IDEC WindLDR and WindO/I-NV4. The issue is cleartext storage of sensitive information (CWE-312) in project files, enabling an attacker who obtains a project file to exfiltrate user credentials for the PLC/operator interfaces and potentially manipulate or suspend devices. Af...

CVE-2024-41716

Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate...

PT-2024-29532 · Unknown +1 · Windo/I-Nv4 +1

Name of the Vulnerable Software and Affected Versions: WindLDR affected versions not specified WindO/I-NV4 affected versions not specified Description: A cleartext storage of sensitive information issue exists, allowing an attacker who obtains the product's project file to potentially gain user...

WindLDR and WindO/I-NV4 store sensitive information in cleartext

Overview PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form CWE-312. Yuki Meguro of Toinx Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the...

WindLDR和WindO/I-NV4 安全漏洞

IDEC WindLDR and WindO/I-NV4 are both products of IDEC Corporation of Japan.WindLDR is a PLC programming software.WindO/I-NV4 is operator interface touch screen programming software. A security vulnerability exists in WindLDR V9.1.0 and earlier versions and WindO/I-NV4 V3.0.1 and earlier versions...

JVN#08342147: WindLDR and WindO/I-NV4 store sensitive information in cleartext

PLC programming software "WindLDR" and Operator Interfaces' Touchscreen Programming Software "WindO/I-NV4" provided by IDEC Corporation store sensitive information in cleartext form CWE-312. Impact An attacker who obtained the product's project file may obtain user credentials of the PLC or...

Design/Logic Flaw

Unprotected transport of credentials vulnerability in IDEC PLCs FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier allows...

CVE-2021-20827

CVE-2021-20827 describes plaintext storage of a password vulnerability in IDEC PLCs, allowing an attacker to obtain PLC Web server credentials from SD cards (ZLD files) or file backups and potentially hijack the PLC. Affected products and versions include IDEC FC6A/MICROSmart All-in-One CPU Modul...

IDEC PLC安全漏洞

The IDEC PLC is a programmable controller. A security vulnerability exists in the IDEC PLC that could allow an attacker to obtain PLC web server user credentials from the communication between the PLC and the software. The following products and versions are affected: FC6A Series MICROSmart...