Multiple vulnerabilities in IDEC PLCs
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2021-37400 CVE-2021-37401 CVE-2021-20826 CVE-2021-20827 |
| CWE-ID | CWE-523 CWE-256 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
FC6A MICROSmart All-in-One CPU Module Hardware solutions / Firmware FC6B MICROSmart All-in-One CPU Module Hardware solutions / Firmware FC6A MICROSmart Plus CPU Module Hardware solutions / Firmware FC6B MICROSmart Plus CPU Module Hardware solutions / Firmware FT1A Controller SmartAXIS Pro/Lite Hardware solutions / Firmware WindLDR Hardware solutions / Firmware WindEDIT Lite Hardware solutions / Firmware Data File Manager Hardware solutions / Firmware WindEDIT Hardware solutions / Firmware |
| Vendor | IDEC Corporation |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Unprotected Transport of Credentials
EUVDB-ID: #VU59292
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37400
CWE-ID:
CWE-523 - Unprotected Transport of Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to password leakage. A remote attacker on the local network can obtain the user credentials from the communication between the PLC and the software.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFC6A MICROSmart All-in-One CPU Module: 2.32
FC6B MICROSmart All-in-One CPU Module: 2.31
FC6A MICROSmart Plus CPU Module: 1.91
FC6B MICROSmart Plus CPU Module: 2.31
FT1A Controller SmartAXIS Pro/Lite: 2.31
WindLDR: 8.19.1
WindEDIT Lite: 1.3.1
Data File Manager: 2.12.1
WindEDIT: 1.3.1
External linkshttp://us.idec.com/idec-us/en/USD/Software-Downloads-Automation-Organizer
http://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf
http://us.idec.com/idec-us/en/USD/Programmable-Logic-Controller/Micro-PLC/FC6A-MicroSmart/c/MicroSmart_FC6A
http://jvn.jp/en/vu/JVNVU92279973/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Unprotected storage of credentials
EUVDB-ID: #VU59294
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-37401
CWE-ID:
CWE-256 - Unprotected Storage of Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to other users' credentials.
The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. A remote attacker on the local network can view contents of the configuration file and gain access to passwords for 3rd party integration.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFC6A MICROSmart All-in-One CPU Module: 2.32
FC6B MICROSmart All-in-One CPU Module: 2.31
FC6A MICROSmart Plus CPU Module: 1.91
FC6B MICROSmart Plus CPU Module: 2.31
FT1A Controller SmartAXIS Pro/Lite: 2.31
WindLDR: 8.19.1
WindEDIT Lite: 1.3.1
Data File Manager: 2.12.1
WindEDIT: 1.3.1
External linkshttp://us.idec.com/idec-us/en/USD/Software-Downloads-Automation-Organizer
http://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf
http://us.idec.com/idec-us/en/USD/Programmable-Logic-Controller/Micro-PLC/FC6A-MicroSmart/c/MicroSmart_FC6A
http://jvn.jp/en/vu/JVNVU92279973/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Unprotected Transport of Credentials
EUVDB-ID: #VU59296
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-20826
CWE-ID:
CWE-523 - Unprotected Transport of Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to password leakage. A remote attacker on the local network can obtain the PLC web server user credentials from the communication between the PLC and the software.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFC6A MICROSmart All-in-One CPU Module: 2.32
FC6B MICROSmart All-in-One CPU Module: 2.31
FC6A MICROSmart Plus CPU Module: 1.91
FC6B MICROSmart Plus CPU Module: 2.31
FT1A Controller SmartAXIS Pro/Lite: 2.31
WindLDR: 8.19.1
WindEDIT Lite: 1.3.1
Data File Manager: 2.12.1
WindEDIT: 1.3.1
External linkshttp://us.idec.com/idec-us/en/USD/Software-Downloads-Automation-Organizer
http://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf
http://us.idec.com/idec-us/en/USD/Programmable-Logic-Controller/Micro-PLC/FC6A-MicroSmart/c/MicroSmart_FC6A
http://jvn.jp/en/vu/JVNVU92279973/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Unprotected storage of credentials
EUVDB-ID: #VU59297
Risk: Low
CVSSv3.1: 6.6 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-20827
CWE-ID:
CWE-256 - Unprotected Storage of Credentials
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to other users' credentials.
The vulnerability exists due to application stored credentials in plain text in a configuration file on the system. A remote attacker on the local network can obtain the PLC web server user credentials from file servers, backup repositories, or ZLD files saved in SD cards.
MitigationInstall updates from vendor's website.
Vulnerable software versionsFC6A MICROSmart All-in-One CPU Module: 2.32
FC6B MICROSmart All-in-One CPU Module: 2.31
FC6A MICROSmart Plus CPU Module: 1.91
FC6B MICROSmart Plus CPU Module: 2.31
FT1A Controller SmartAXIS Pro/Lite: 2.31
WindLDR: 8.19.1
WindEDIT Lite: 1.3.1
Data File Manager: 2.12.1
WindEDIT: 1.3.1
External linkshttp://us.idec.com/idec-us/en/USD/Software-Downloads-Automation-Organizer
http://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf
http://us.idec.com/idec-us/en/USD/Programmable-Logic-Controller/Micro-PLC/FC6A-MicroSmart/c/MicroSmart_FC6A
http://jvn.jp/en/vu/JVNVU92279973/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
