An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded.
The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Data_file_manager | Idec | * | 2.12.1 (including) |
Windedit | Idec | * | 1.3.1 (including) |
Windldr | Idec | * | 8.19.1 (including) |