CVE-2021-20826

Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from the communication between the PLC and the software. As a result, the complete access privileges to the PLC Web server may be obtained, and manipulation of the PLC output and/or suspension of the PLC may be conducted.

CVSS v3.0 7.6 HIGH
CVSS v2.0 3.3 LOW

7.6^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 2.8 / Impact : 4.7

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

3.3^/10

CVSS v2.0 : LOW

Vector : AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 6.5 / Impact : 2.9

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf	Vendor Advisory
https://jvn.jp/en/vu/JVNVU92279973/index.html	Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:idec:microsmart_fc6a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:idec:microsmart_fc6a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:idec:microsmart_plus_fc6a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:idec:microsmart_plus_fc6a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:idec:data_file_manager::::::::
	cpe:2.3:a:idec:windedit::::::::
	cpe:2.3:a:idec:windldr::::::::

Information

Published : 2021-12-23 23:15

Updated : 2022-01-11 10:18

NVD link : CVE-2021-20826

Mitre link : CVE-2021-20826

JSON object : View

CWE

CWE-522

Insufficiently Protected Credentials

Advertisement

Products Affected

idec

windldr
microsmart_plus_fc6a_firmware
microsmart_fc6a_firmware
windedit
microsmart_plus_fc6a
data_file_manager
microsmart_fc6a

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf", "name": "https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://jvn.jp/en/vu/JVNVU92279973/index.html", "name": "https://jvn.jp/en/vu/JVNVU92279973/index.html", "tags": ["Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from the communication between the PLC and the software. As a result, the complete access privileges to the PLC Web server may be obtained, and manipulation of the PLC output and/or suspension of the PLC may be conducted."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-522"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-20826", "ASSIGNER": "vultures@jpcert.or.jp"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 2.8}}, "publishedDate": "2021-12-24T07:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:idec:microsmart_fc6a_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.32"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:idec:microsmart_fc6a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:idec:microsmart_plus_fc6a_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.91"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:idec:microsmart_plus_fc6a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:idec:data_file_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.12.1"}, {"cpe23Uri": "cpe:2.3:a:idec:windedit:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.3.1"}, {"cpe23Uri": "cpe:2.3:a:idec:windldr:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.19.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-01-11T18:18Z"}