Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-41927
PUBLISHED
More InfoOfficial Page
Assigner-jpcert
Assigner Org ID-ede6fdc4-6654-4307-a26d-3331c018e2ce
View Known Exploited Vulnerability (KEV) details
Published At-04 Sep, 2024 | 00:43
Updated At-02 Jul, 2025 | 01:23
Rejected At-
▼CVE Numbering Authority (CNA)

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated.

Affected Products
Vendor
IDEC Corporation
Product
FC6A Series MICROSmart All-in-One CPU module
Versions
Affected
  • Ver.2.60 and earlier
Vendor
IDEC Corporation
Product
FC6B Series MICROSmart All-in-One CPU module
Versions
Affected
  • Ver.2.60 and earlier
Vendor
IDEC Corporation
Product
FC6A Series MICROSmart Plus CPU module
Versions
Affected
  • Ver.2.40 and earlier
Vendor
IDEC Corporation
Product
FC6B Series MICROSmart Plus CPU module
Versions
Affected
  • Ver.2.60 and earlier
Vendor
IDEC Corporation
Product
FT1A Series SmartAXIS Pro/Lite
Versions
Affected
  • Ver.2.41 and earlier
Problem Types
TypeCWE IDDescription
CWECWE-319Cleartext transmission of sensitive information
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://us.idec.com/media/24-RD-0256-EN-b.pdf
N/A
https://jvn.jp/en/vu/JVNVU96959731/
N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-319CWE-319 Cleartext Transmission of Sensitive Information
Metrics
VersionBase scoreBase severityVector
3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found