CVE-2021-20826

24.12.2021, 07:15

Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from the communication between the PLC and the software. As a result, the complete access privileges to the PLC Web server may be obtained, and manipulation of the PLC output and/or suspension of the PLC may be conducted.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.6 HIGH	ADJACENT_NETWORK	LOW	NONE	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L
jpcert	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 26%

Vendor	Product	Version
idec	microsmart_fc6a_firmware	𝑥 ≤ 2.32
idec	microsmart_plus_fc6a_firmware	𝑥 ≤ 1.91
idec	data_file_manager	𝑥 ≤ 2.12.1
idec	windedit	𝑥 ≤ 1.3.1
idec	windldr	𝑥 ≤ 8.19.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-522 - Insufficiently Protected Credentials
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

References

https://jvn.jp/en/vu/JVNVU92279973/index.html

https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf

https://jvn.jp/en/vu/JVNVU92279973/index.html

https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf