nvd-json-data-feeds/CVE-2024/CVE-2024-419xx/CVE-2024-41927.json

{
  "id": "CVE-2024-41927",
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "published": "2024-09-04T01:15:11.827",
  "lastModified": "2024-09-04T13:05:36.067",
  "vulnStatus": "Undergoing Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de transmisi\u00f3n de informaci\u00f3n confidencial en texto plano en varios PLC de IDEC. Si un atacante env\u00eda un comando espec\u00edfico al puerto de comunicaci\u00f3n en serie del PLC, se pueden obtener las credenciales del usuario. Como resultado, se puede obtener el programa del PLC y manipularlo."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://jvn.jp/en/vu/JVNVU96959731/",
      "source": "vultures@jpcert.or.jp"
    },
    {
      "url": "https://us.idec.com/media/24-RD-0256-EN.pdf",
      "source": "vultures@jpcert.or.jp"
    }
  ]
}