2 matches found
CVE-2021-37401
IDEC PLCs are affected by CVE-2021-37401 (Plaintext storage of a password). The trusted‑credentials leakage occurs when an attacker obtains user credentials from file servers, backup repositories, or ZLD files saved on SD cards, enabling unauthorized PLC program upload/alteration/download. The jo...
CVE-2021-37400
The CVE-2021-37400 issue affects IDEC IDEC PLCs (e.g., FC6A/FC6B MICROSmart modules, FT1A SmartAXIS Pro/Lite, WindLDR, WindEDIT Lite, Data File Manager) where credentials are transmitted without proper protection. The root cause is Unprotected Transport of Credentials (CWE-523) in PLC-to-software...