An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded.
References
Link | Resource |
---|---|
https://jvn.jp/en/vu/JVNVU92279973/ | Third Party Advisory |
https://us.idec.com/idec-us/en/USD/Programmable-Logic-Controller/Micro-PLC/FC6A-MicroSmart/c/MicroSmart_FC6A | Vendor Advisory |
https://us.idec.com/idec-us/en/USD/Software-Downloads-Automation-Organizer | Vendor Advisory |
https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-28T12:09:52
Updated: 2021-12-28T12:16:24
Reserved: 2021-07-21T00:00:00
Link: CVE-2021-37401
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-28T13:15:08.267
Modified: 2022-01-07T20:29:50.673
Link: CVE-2021-37401
JSON object: View
Redhat Information
No data.
CWE