CVE-2021-20827

24.12.2021, 07:15

Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the attacker may access the PLC Web server and hijack the PLC, and manipulation of the PLC output and/or suspension of the PLC may be conducted.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
jpcert	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 36%

Vendor	Product	Version
idec	microsmart_fc6a_firmware	𝑥 ≤ 2.32
idec	microsmart_plus_fc6a_firmware	𝑥 ≤ 1.91
idec	data_file_manager	𝑥 ≤ 2.12.1
idec	windedit	𝑥 ≤ 1.3.1
idec	windldr	𝑥 ≤ 8.19.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-312 - Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References

https://jvn.jp/en/vu/JVNVU92279973/index.html

https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf

https://jvn.jp/en/vu/JVNVU92279973/index.html

https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf