M1Etz

**Name of the Vulnerable Software and Affected Versions** Horner Automation's RCC 972 version 15.40 **Description** The configuration files of the affected device are encrypted with weak XOR encryption, making them vulnerable to reverse engineering. This could allow an attacker to obtain credentials for running services such as File Transfer Protocol (FTP) and Hypertext Transfer Protocol (HTTP). **Recommendations** For version 15.40, consider disabling or restricting access to FTP and HTTP services until a patch or update is available to address the weak XOR encryption. As a temporary workaround, restrict access to configuration files to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Horner Automation’s RCC 972 version 15.40 **Description** The issue is related to a static encryption key on the device, which could allow an attacker to perform unauthorized changes, remotely execute arbitrary code, or cause a denial-of-service condition. **Recommendations** For version 15.40, consider updating the firmware to a version that does not use a static encryption key, however, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Horner Automation’s RCC 972 firmware version 15.40 **Description** The issue concerns the presence of global variables in the firmware, which could allow an attacker to read out sensitive values and variable keys from the device. **Recommendations** For version 15.40, consider restricting access to the device to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.