PT-2024-29532 · Windldr+1 · Windldr+1
Yuki Meguro
·
Published
2024-09-03
·
Updated
2024-09-13
·
CVE-2024-41716
CVSS v3.1
8.1
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
WindLDR (affected versions not specified)
WindO/I-NV4 (affected versions not specified)
Description
A cleartext storage of sensitive information issue exists, allowing an attacker who obtains the product's project file to potentially gain user credentials of the PLC or Operator Interfaces. This could enable the attacker to manipulate and/or suspend the PLC and Operator Interfaces by accessing or hijacking them.
Recommendations
For WindLDR, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For WindO/I-NV4, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windldr
Windo/I-Nv4