2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2021-32982" ,
"sourceIdentifier" : "ics-cert@hq.dhs.gov" ,
"published" : "2022-04-04T20:15:09.047" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T06:08:03.607" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 passwords are sent as plaintext during unlocking and project transfers. An attacker who has network visibility can observe the password exchange."
} ,
{
"lang" : "es" ,
"value" : "M\u00f3dulos de CPU de PLC CLICK de Automation Direct: CPUs C0-1x con versiones de firmware anteriores a v3.00, las contrase\u00f1as son enviadas como texto plano durante el desbloqueo y las transferencias de proyectos. Un atacante que tenga visibilidad de la red puede observar el intercambio de contrase\u00f1as"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
2024-12-08 03:06:42 +00:00
"source" : "ics-cert@hq.dhs.gov" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
} ,
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 7.5 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:P/I:N/A:N" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
2024-12-08 03:06:42 +00:00
"source" : "ics-cert@hq.dhs.gov" ,
"type" : "Secondary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-319"
}
]
} ,
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-319"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-10dd1e-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "809BA584-F893-4DE1-ABFF-159EEAA358FF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-10dd1e-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A81E6705-D033-4024-8FA5-3B8126BA99DA"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-10dd2e-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "7D135DAD-1CC9-4489-A0A1-4A9B08F5BA5B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-10dd2e-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8F590AF4-E9CB-4C9A-B1A9-6181FBC81336"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-10dre-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "D76AFBCC-2260-4E5D-8534-D7157A8B363A"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-10dre-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F690E38A-3290-4331-BCE0-0EC147805556"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-10are-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "1CEF7DCB-3CF4-4A64-971F-C0287E294CBA"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-10are-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5D7D9142-7F82-4E45-A306-4A899E3ABF4F"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-11dd1e-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "F949EF9C-5F50-4D10-8D25-D0C56657C0D1"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-11dd1e-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "97209878-20DD-4121-A1D5-A4D96911FEE7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-11dd2e-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "335D4844-DE34-4806-9B76-E2B4AD91DA96"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-11dd2e-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E60966AB-7ACE-42EC-AEC6-8CDC05598916"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-11dre-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "E5A5E2F8-C024-4DCC-923A-983379B0A645"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-11dre-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "FB2E6605-6623-47CF-8632-10BDF2793189"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-11are-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "2C026105-7051-4F16-BC05-3AC15AA18506"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-11are-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "13C86840-19DF-4F2F-B2AC-ECC37D915E76"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dd1e-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "F7DFCF51-8057-46B0-9692-691D8190EC8A"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dd1e-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A0341C73-C0B9-4FAD-B254-BF2B9899C4E4"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dd2e-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "A77D3278-58CD-4715-851A-BD4298C1EBD4"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dd2e-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7942D90E-3014-4802-89EE-1CA9708A92D8"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dre-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "16FA238D-3252-4207-BCB0-17E2E53A6A4B"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dre-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "345CC4B9-6EE6-4B0B-87A6-941F7A581191"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12are-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "6974892E-A4BD-4D1A-B029-763FA5EC1458"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12are-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A273D864-AE1A-411C-BBD7-4907DD8B349E"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dd1e-1-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "0D2CC279-840B-4688-B981-11CEC476BEB9"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dd1e-1-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4B3F7FA9-A7D4-499E-8C52-155FB93E6522"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dd2e-1-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "4A25805A-F49D-4305-8108-F4D509304213"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dd2e-1-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "464C9AF0-BA89-4989-BE03-D0C30B3BEFFA"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dre-1-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "EFBC8833-C0B8-4D23-A1D2-55FAFAA48BA7"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dre-1-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6415993D-A15E-4295-B151-8388550156A3"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12are-1-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "8121DA90-D68C-46B6-9B8B-468F3F5E7CAA"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12are-1-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B04C302C-DB3D-4B3B-BE7C-5AD621AEF02A"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dd1e-2-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "79E1F884-FA09-45E7-BFC0-F7482EA5A8BA"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dd1e-2-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B362D366-AD0C-4D78-91EF-67F205550820"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dd2e-2-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "F74838CA-C58B-427F-9429-080D8CE5217E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dd2e-2-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E4F5F7E6-34EA-44A9-B26D-C8B7E281FB31"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12dre-2-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "8D3184B1-9DDE-4661-A225-AB32D81A84A8"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12dre-2-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5AA4EA2B-77A8-4852-A84D-FB8B67F64393"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:automationdirect:c0-12are-2-d_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.00" ,
"matchCriteriaId" : "A4BADBAD-0F6B-4CE4-BFB6-9018BDE278BC"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:automationdirect:c0-12are-2-d:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "00066AE3-08DF-4CCC-97A6-A4D8A4BC40F3"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-166-02" ,
"source" : "ics-cert@hq.dhs.gov" ,
"tags" : [
"Third Party Advisory" ,
"US Government Resource"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://www.cisa.gov/uscert/ics/advisories/icsa-21-166-02" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"US Government Resource"
]
2023-04-24 12:24:31 +02:00
}
]
}
