Skip to main content

Kit Fc6A 24 Kc Firmware CVE-2024-41927

MEDIUM
Cleartext Transmission of Sensitive Information (CWE-319)
2024-09-04 vultures@jpcert.or.jp
Information Disclosure Kit Fc6A 24 Kc Firmware Kit Fc6A 24 Pc Firmware Kit Fc6A 24 Ra Firmware Kit Fc6A 24 Ra Hg1G Firmware Kit Fc6A 24 Ra Hg2G 5Tn Firmware Kit Fc6A 24 Ra Hg2G 5Tt Firmware Kit Fc6A 24 Rc Hg1G Firmware Kit Fc6A 24 Rc Firmware Kit Fc6A 24 Rc Hg2G 5Tn Firmware Kit Fc6A 24 Rc Hg2G 5Tt Firmware Kit Fc6A C24R Hg2G Vhp Firmware Kit Fc6A C24R Hg3G V8Hp Firmware Kit Fc6A C24R Hg3G Vahp Firmware Kit Fc6A C24R Hg4G Vhp Firmware Kit Fc6A C24R Hg5G Vhp Firmware Kit Fc6A 16 Pc Firmware Kit Fc6A 16 Ra Firmware Kit Fc6A 16 Kc Firmware Kit Fc6A 16 Ra Hg1G Firmware Kit Fc6A 16 Ra Hg2G 5Tn Firmware Kit Fc6A 16 Ra Hg2G 5Tt Firmware Kit Fc6A 16 Rc Firmware Kit Fc6A 16 Rc Hg2G 5Tn Firmware Kit Fc6A 16 Rc Hg1G Firmware Kit Fc6A 16 Rc Hg2G 5Tt Firmware Kit Fc6A 16 Kd Firmware Kit Fc6A 16 Pd Firmware Kit Fc6A C16R Hg2G Vhp Firmware Kit Fc6A C16R Hg3G V8Hp Firmware Kit Fc6A C16R Hg3G Vahp Firmware Kit Fc6A C16R Hg5G Vhp Firmware Kit Fc6A 16 Rd Firmware Kit Fc6A 40 Kd Firmware Kit Fc6A 40 Pc Firmware Kit Fc6A 40 Pd Firmware Kit Fc6A 40 Ra Firmware Kit Fc6A 40 Rd Firmware Kit Fc6A 40 Rc Firmware Kit Fc6A D16P Hg1G Firmware Kit Fc6A D16P Hg2G 5Tn Firmware Kit Fc6A D16P Hg2G 5Tt Firmware Kit Fc6A D16R Hg2G 5Tn Firmware Kit Fc6A D16R Hg2G 5Tt Firmware Kit Fc6A D16R Hg3G V8Hp Firmware Kit Fc6A D16R Hg3G Vahp Firmware Kit Fc6A D16R Hg4G Vhp Firmware Kit Fc6A D16R Hg5G Vhp Firmware Kit Fc6A D16R Hg1G Firmware Kit Fc6A D16R Hg2G Vhp Firmware Kit Fc6A P16 K Firmware Kit Fc6A P16 R Firmware Kit Fc6A P16 S Firmware Ft1A H12Ra Firmware Ft1A H24Ra Firmware Ft1A H24Rc Firmware Ft1A H12Rc Firmware Ft1A B12Ra Firmware Ft1A B24Ra Firmware Kit Smart 12 Bac Firmware Kit Smart 12 Hac Firmware Kit Smart 12 Bdc Firmware Kit Smart 12 Hdc Firmware Kit Smart 24 Hac Firmware Kit Smart 24 Bac Firmware Kit Smart 24 Bdc Firmware Kit Smart 24 Hdc Firmware Kit Smart 40 Bac R Firmware Kit Smart 40 Bdc Rk Firmware Kit Smart 40 Bdc Rs Firmware Kit Smart 40 Hac R Firmware Kit Smart 40 Hdc Rk Firmware Kit Smart 48 Bac K Firmware Kit Smart 40 Hdc Rs Firmware Kit Smart 48 Bac S Firmware Kit Smart 48 Bdc K Firmware Kit Smart 48 Hac K Firmware Kit Smart 48 Hac S Firmware Kit Smart 48 Hdc S Firmware Kit Smart 48 Bdc S Firmware Ft1A Pc1 Firmware Ft1A Pc2 Firmware Ft1A Pc3 Firmware Ft1A Pm1 Firmware Ft9Z 1A01 Firmware Ft9Z Psp1Pn05 Firmware Hg9Z Xcm2A Firmware Kit Fc6A D32P Hg1G Firmware Kit Fc6A D32P Hg2G 5Tn Firmware Kit Fc6A D32P Hg2G 5Tt Firmware Kit Fc6A P32 K Firmware Kit Fc6A P32 S Firmware
4.6
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.6 MEDIUM
AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Sep 04, 2024 - 01:15 nvd
MEDIUM 4.6

DescriptionNVD

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated.

AnalysisAI

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-319. Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated. Affected products include: Idec Kit-Fc6A-24-Kc Firmware, Idec Kit-Fc6A-24-Pc Firmware, Idec Kit-Fc6A-24-Ra Firmware, Idec Kit-Fc6A-24-Ra-Hg1G Firmware, Idec Kit-Fc6A-24-Ra-Hg2G-5Tn Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2024-41927 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy