PT-2023-9096 — Cleartext Transmission of Sensitive Information in Yokogawa Yokogawa Fa-M3

PT-2023-9096 · Yokogawa · Yokogawa Fa-M3

Published

2023-06-06

Updated

2023-06-06

CVSS v2.0

3.3

Low

Vector

AV:A/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Yokogawa FA-M3 (affected versions not specified)

Description The issue is related to the implementation of the FTP protocol in the Yokogawa FA-M3 programmable logic controller software, which involves the transmission of sensitive information in plain text. This could allow a remote attacker to disclose protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

BDU:2024-03566

Affected Products

Yokogawa Fa-M3

PT-2023-9096 · Yokogawa · Yokogawa Fa-M3

Weakness Enumeration

Related Identifiers

Affected Products

References · 1