CVE-2021-20827

Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the attacker may access the PLC Web server and hijack the PLC, and manipulation of the PLC output and/or suspension of the PLC may be conducted.

CVSS v3.0 7.5 HIGH
CVSS v2.0 5.0 MEDIUM

7.5^/10

CVSS v3.0 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf	Vendor Advisory
https://jvn.jp/en/vu/JVNVU92279973/index.html	Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:idec:microsmart_fc6a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:idec:microsmart_fc6a:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:idec:microsmart_plus_fc6a_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:idec:microsmart_plus_fc6a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:idec:data_file_manager::::::::
	cpe:2.3:a:idec:windedit::::::::
	cpe:2.3:a:idec:windldr::::::::

Information

Published : 2021-12-23 23:15

Updated : 2022-01-11 10:42

NVD link : CVE-2021-20827

Mitre link : CVE-2021-20827

JSON object : View

CWE

CWE-312

Cleartext Storage of Sensitive Information

Advertisement

Products Affected

idec

windldr
microsmart_plus_fc6a_firmware
microsmart_fc6a_firmware
windedit
microsmart_plus_fc6a
data_file_manager
microsmart_fc6a

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf", "name": "https://www.idec.com/home/lp/pdf/2021-12-24-PLC.pdf", "tags": ["Vendor Advisory"], "refsource": "MISC"}, {"url": "https://jvn.jp/en/vu/JVNVU92279973/index.html", "name": "https://jvn.jp/en/vu/JVNVU92279973/index.html", "tags": ["Third Party Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the attacker may access the PLC Web server and hijack the PLC, and manipulation of the PLC output and/or suspension of the PLC may be conducted."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-312"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-20827", "ASSIGNER": "vultures@jpcert.or.jp"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}}, "publishedDate": "2021-12-24T07:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:idec:microsmart_fc6a_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.32"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:idec:microsmart_fc6a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:idec:microsmart_plus_fc6a_firmware:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.91"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:idec:microsmart_plus_fc6a:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:idec:data_file_manager:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "2.12.1"}, {"cpe23Uri": "cpe:2.3:a:idec:windedit:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.3.1"}, {"cpe23Uri": "cpe:2.3:a:idec:windldr:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "8.19.1"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-01-11T18:42Z"}