Automation Direct CLICK PLC CPU Modules Authentication Bypass Using an Alternate Path or Channel
All programming connections receive the same unlocked privileges, which can result in a privilege escalation. During the time Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, an attacker can connect to the PLC and read the project without authorization.
Automation Direct CLICK PLC CPU Modules Authentication Bypass Using an Alternate Path or Channel
All programming connections receive the same unlocked privileges, which can result in a privilege escalation. During the time Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, an attacker can connect to the PLC and read the project without authorization.
Description: CWE-288: Authentication Bypass Using an Alternate Path or Channel
Metrics
Version
Base score
Base severity
Vector
3.1
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version:3.1
Base score:9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC ID
Description
Solutions
Automation Direct reports these vulnerabilities are all mitigated by Version 3.00 and recommends users update software and firmware to the latest version.
Automation Direct also recommends users follow its security guidelines.
Configurations
Workarounds
Exploits
Credits
Irfan Ahmed and Adeen Ayub of Virginia Commonwealth University and Hyunguk Yoo of the University of New Orleans reported these vulnerabilities to Automation Direct.
All programming connections receive the same unlocked privileges, which can result in a privilege escalation. During the time Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, an attacker can connect to the PLC and read the project without authorization.