CVE-2024-28747 (GCVE-0-2024-28747)
Vulnerability from cvelistv5 – Published: 2024-07-09 07:10 – Updated: 2024-08-02 00:56
- CWE-798 - Use of Hard-coded Credentials
| Vendor | Product | Version |
|---|---|---|
| ifm | Smart PLC AC14xx Firmware | Affected: 0, ≤ V4.3.17 (semver) |
| ifm | Smart PLC AC4xxS Firmware | Affected: 0, ≤ V4.3.17 (semver) |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:ifm:smart_plc_ac14xx_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "smart_plc_ac14xx_firmware",
"vendor": "ifm",
"versions": [
{
"lessThanOrEqual": "4.3.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"cpes": [
"cpe:2.3:h:ifm:smart_plc_ac4xxs_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "smart_plc_ac4xxs_firmware",
"vendor": "ifm",
"versions": [
{
"lessThanOrEqual": "4.3.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-28747",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-09T16:33:34.912072Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T16:33:40.482Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:56:58.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cert.vde.com/en/advisories/VDE-2024-012"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Smart PLC AC14xx Firmware",
"vendor": "ifm",
"versions": [
{
"lessThanOrEqual": "V4.3.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Smart PLC AC4xxS Firmware",
"vendor": "ifm",
"versions": [
{
"lessThanOrEqual": "V4.3.17",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Logan Carpenter"
},
{
"lang": "en",
"type": "reporter",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Dragos"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\u003cbr\u003e"
}
],
"value": "An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-09T07:10:18.739Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"url": "https://cert.vde.com/en/advisories/VDE-2024-012"
}
],
"source": {
"advisory": "VDE-2024-012",
"defect": [
"CERT@VDE#64595"
],
"discovery": "UNKNOWN"
},
"title": "ifm: Use of Hard-coded Credentials",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2024-28747",
"datePublished": "2024-07-09T07:10:18.739Z",
"dateReserved": "2024-03-08T08:39:32.659Z",
"dateUpdated": "2024-08-02T00:56:58.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-28747",
"date": "2026-05-27",
"epss": "0.01021",
"percentile": "0.77484"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\\n\"}, {\"lang\": \"es\", \"value\": \" Un atacante remoto no autenticado puede utilizar las credenciales codificadas para acceder a los dispositivos SmartSPS con altos privilegios.\"}]",
"id": "CVE-2024-28747",
"lastModified": "2024-11-21T09:06:52.760",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"info@cert.vde.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
"published": "2024-07-09T07:15:03.563",
"references": "[{\"url\": \"https://cert.vde.com/en/advisories/VDE-2024-012\", \"source\": \"info@cert.vde.com\"}, {\"url\": \"https://cert.vde.com/en/advisories/VDE-2024-012\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"info@cert.vde.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-798\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-28747\",\"sourceIdentifier\":\"info@cert.vde.com\",\"published\":\"2024-07-09T07:15:03.563\",\"lastModified\":\"2024-11-21T09:06:52.760\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\\n\"},{\"lang\":\"es\",\"value\":\"Un atacante remoto no autenticado puede utilizar las credenciales codificadas para acceder a los dispositivos SmartSPS con altos privilegios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"info@cert.vde.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-798\"}]}],\"references\":[{\"url\":\"https://cert.vde.com/en/advisories/VDE-2024-012\",\"source\":\"info@cert.vde.com\"},{\"url\":\"https://cert.vde.com/en/advisories/VDE-2024-012\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-28747\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-07-09T16:33:34.912072Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:h:ifm:smart_plc_ac14xx_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"ifm\", \"product\": \"smart_plc_ac14xx_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.3.17\"}], \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:2.3:h:ifm:smart_plc_ac4xxs_firmware:*:*:*:*:*:*:*:*\"], \"vendor\": \"ifm\", \"product\": \"smart_plc_ac4xxs_firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"4.3.17\"}], \"defaultStatus\": \"unaffected\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-07-09T16:33:33.499Z\"}}], \"cna\": {\"title\": \"ifm: Use of Hard-coded Credentials\", \"source\": {\"defect\": [\"CERT@VDE#64595\"], \"advisory\": \"VDE-2024-012\", \"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Logan Carpenter\"}, {\"lang\": \"en\", \"type\": \"reporter\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Dragos\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", 
\"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"ifm\", \"product\": \"Smart PLC AC14xx Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"V4.3.17\"}], \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"ifm\", \"product\": \"Smart PLC AC4xxS Firmware\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"V4.3.17\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://cert.vde.com/en/advisories/VDE-2024-012\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-798\", \"description\": \"CWE-798 Use of Hard-coded Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"shortName\": \"CERTVDE\", \"dateUpdated\": \"2024-07-09T07:10:18.739Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-28747\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-07-09T16:33:40.482Z\", \"dateReserved\": \"2024-03-08T08:39:32.659Z\", \"assignerOrgId\": \"270ccfa6-a436-4e77-922e-914ec3a9685c\", \"datePublished\": \"2024-07-09T07:10:18.739Z\", \"assignerShortName\": \"CERTVDE\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2024-28747
Vulnerability from fkie_nvd - Published: 2024-07-09 07:15 - Updated: 2026-04-15 00:35
| Vendor | Product | Version |
|---|---|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\n"
},
{
"lang": "es",
"value": "Un atacante remoto no autenticado puede utilizar las credenciales codificadas para acceder a los dispositivos SmartSPS con altos privilegios."
}
],
"id": "CVE-2024-28747",
"lastModified": "2026-04-15T00:35:42.020",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "info@cert.vde.com",
"type": "Secondary"
}
]
},
"published": "2024-07-09T07:15:03.563",
"references": [
{
"source": "info@cert.vde.com",
"url": "https://cert.vde.com/en/advisories/VDE-2024-012"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert.vde.com/en/advisories/VDE-2024-012"
}
],
"sourceIdentifier": "info@cert.vde.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "info@cert.vde.com",
"type": "Secondary"
}
]
}
GHSA-QGMW-P96R-8X99
Vulnerability from github – Published: 2024-07-09 09:30 – Updated: 2024-07-09 09:30
An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.
{
"affected": [],
"aliases": [
"CVE-2024-28747"
],
"database_specific": {
"cwe_ids": [
"CWE-798"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-07-09T07:15:03Z",
"severity": "CRITICAL"
},
"details": "An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\n",
"id": "GHSA-qgmw-p96r-8x99",
"modified": "2024-07-09T09:30:54Z",
"published": "2024-07-09T09:30:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28747"
},
{
"type": "WEB",
"url": "https://cert.vde.com/en/advisories/VDE-2024-012"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2024-28747
Vulnerability from gsd - Updated: 2024-03-09 06:02
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-28747"
],
"id": "GSD-2024-28747",
"modified": "2024-03-09T06:02:28.613321Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-28747",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
tid-328
Vulnerability from emb3d
Hardcoded credentials typically cannot be changed by end-users and are often undocumented, leaving the end-user unaware of the risk. If a threat actor is able to discover the credentials for a device (or family of devices with the same password), they may be able to exploit multiple devices with no known device-level mitigation. Hardcoded credentials are often intended for vendor-specific diagnostic functions or to authenticate components designed to communicate together (e.g., a PLC and associated IED), but can be abused by threat actors when discovered. Often hardcoded credentials are added to support debugging during a device’s development and are mistakenly left in production devices.
- CWE-798: Use of Hard-coded Credentials
VDE-2024-012
Vulnerability from csaf_ifmelectronicgmbh - Published: 2024-07-09 07:00 - Updated: 2026-01-15 11:00
A high-privileged remote attacker can enable telnet access that accepts hardcoded credentials.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-0018 | — | ||
| Unresolved product id: CSAFPID-0019 | — | ||
| Unresolved product id: CSAFPID-0020 | — | ||
| Unresolved product id: CSAFPID-0021 | — | ||
| Unresolved product id: CSAFPID-0023 | — | ||
| Unresolved product id: CSAFPID-0024 | — | ||
| Unresolved product id: CSAFPID-0025 | — | ||
| Unresolved product id: CSAFPID-0026 | — | ||
| Unresolved product id: CSAFPID-0027 | — | ||
| Unresolved product id: CSAFPID-0028 | — | ||
| Unresolved product id: CSAFPID-0029 | — | ||
| Unresolved product id: CSAFPID-0030 | — | ||
| Unresolved product id: CSAFPID-0031 | — | ||
| Unresolved product id: CSAFPID-0032 | — | ||
| Unresolved product id: CSAFPID-0033 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-0001 | — | ||
| Unresolved product id: CSAFPID-0004 | — | ||
| Unresolved product id: CSAFPID-0005 | — | ||
| Unresolved product id: CSAFPID-0006 | — | ||
| Unresolved product id: CSAFPID-0007 | — | ||
| Unresolved product id: CSAFPID-0008 | — | ||
| Unresolved product id: CSAFPID-0009 | — | ||
| Unresolved product id: CSAFPID-0010 | — | ||
| Unresolved product id: CSAFPID-0011 | — | ||
| Unresolved product id: CSAFPID-0012 | — | ||
| Unresolved product id: CSAFPID-0013 | — | ||
| Unresolved product id: CSAFPID-0014 | — | ||
| Unresolved product id: CSAFPID-0015 | — | ||
| Unresolved product id: CSAFPID-0016 | — | ||
| Unresolved product id: CSAFPID-0017 | — |
A remote attacker with high privileges may use a deleting file function to inject OS commands.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-0018 | — | ||
| Unresolved product id: CSAFPID-0019 | — | ||
| Unresolved product id: CSAFPID-0020 | — | ||
| Unresolved product id: CSAFPID-0021 | — | ||
| Unresolved product id: CSAFPID-0023 | — | ||
| Unresolved product id: CSAFPID-0024 | — | ||
| Unresolved product id: CSAFPID-0025 | — | ||
| Unresolved product id: CSAFPID-0026 | — | ||
| Unresolved product id: CSAFPID-0027 | — | ||
| Unresolved product id: CSAFPID-0028 | — | ||
| Unresolved product id: CSAFPID-0029 | — | ||
| Unresolved product id: CSAFPID-0030 | — | ||
| Unresolved product id: CSAFPID-0031 | — | ||
| Unresolved product id: CSAFPID-0032 | — | ||
| Unresolved product id: CSAFPID-0033 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-0001 | — | ||
| Unresolved product id: CSAFPID-0004 | — | ||
| Unresolved product id: CSAFPID-0005 | — | ||
| Unresolved product id: CSAFPID-0006 | — | ||
| Unresolved product id: CSAFPID-0007 | — | ||
| Unresolved product id: CSAFPID-0008 | — | ||
| Unresolved product id: CSAFPID-0009 | — | ||
| Unresolved product id: CSAFPID-0010 | — | ||
| Unresolved product id: CSAFPID-0011 | — | ||
| Unresolved product id: CSAFPID-0012 | — | ||
| Unresolved product id: CSAFPID-0013 | — | ||
| Unresolved product id: CSAFPID-0014 | — | ||
| Unresolved product id: CSAFPID-0015 | — | ||
| Unresolved product id: CSAFPID-0016 | — | ||
| Unresolved product id: CSAFPID-0017 | — |
A remote attacker with high privileges may use a writing file function to inject OS commands.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-0018 | — | ||
| Unresolved product id: CSAFPID-0019 | — | ||
| Unresolved product id: CSAFPID-0020 | — | ||
| Unresolved product id: CSAFPID-0021 | — | ||
| Unresolved product id: CSAFPID-0023 | — | ||
| Unresolved product id: CSAFPID-0024 | — | ||
| Unresolved product id: CSAFPID-0025 | — | ||
| Unresolved product id: CSAFPID-0026 | — | ||
| Unresolved product id: CSAFPID-0027 | — | ||
| Unresolved product id: CSAFPID-0028 | — | ||
| Unresolved product id: CSAFPID-0029 | — | ||
| Unresolved product id: CSAFPID-0030 | — | ||
| Unresolved product id: CSAFPID-0031 | — | ||
| Unresolved product id: CSAFPID-0032 | — | ||
| Unresolved product id: CSAFPID-0033 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-0001 | — | ||
| Unresolved product id: CSAFPID-0004 | — | ||
| Unresolved product id: CSAFPID-0005 | — | ||
| Unresolved product id: CSAFPID-0006 | — | ||
| Unresolved product id: CSAFPID-0007 | — | ||
| Unresolved product id: CSAFPID-0008 | — | ||
| Unresolved product id: CSAFPID-0009 | — | ||
| Unresolved product id: CSAFPID-0010 | — | ||
| Unresolved product id: CSAFPID-0011 | — | ||
| Unresolved product id: CSAFPID-0012 | — | ||
| Unresolved product id: CSAFPID-0013 | — | ||
| Unresolved product id: CSAFPID-0014 | — | ||
| Unresolved product id: CSAFPID-0015 | — | ||
| Unresolved product id: CSAFPID-0016 | — | ||
| Unresolved product id: CSAFPID-0017 | — |
A remote attacker with high privileges may use a reading file function to inject OS commands.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-0018 | — | ||
| Unresolved product id: CSAFPID-0019 | — | ||
| Unresolved product id: CSAFPID-0020 | — | ||
| Unresolved product id: CSAFPID-0021 | — | ||
| Unresolved product id: CSAFPID-0023 | — | ||
| Unresolved product id: CSAFPID-0024 | — | ||
| Unresolved product id: CSAFPID-0025 | — | ||
| Unresolved product id: CSAFPID-0026 | — | ||
| Unresolved product id: CSAFPID-0027 | — | ||
| Unresolved product id: CSAFPID-0028 | — | ||
| Unresolved product id: CSAFPID-0029 | — | ||
| Unresolved product id: CSAFPID-0030 | — | ||
| Unresolved product id: CSAFPID-0031 | — | ||
| Unresolved product id: CSAFPID-0032 | — | ||
| Unresolved product id: CSAFPID-0033 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-0001 | — | ||
| Unresolved product id: CSAFPID-0004 | — | ||
| Unresolved product id: CSAFPID-0005 | — | ||
| Unresolved product id: CSAFPID-0006 | — | ||
| Unresolved product id: CSAFPID-0007 | — | ||
| Unresolved product id: CSAFPID-0008 | — | ||
| Unresolved product id: CSAFPID-0009 | — | ||
| Unresolved product id: CSAFPID-0010 | — | ||
| Unresolved product id: CSAFPID-0011 | — | ||
| Unresolved product id: CSAFPID-0012 | — | ||
| Unresolved product id: CSAFPID-0013 | — | ||
| Unresolved product id: CSAFPID-0014 | — | ||
| Unresolved product id: CSAFPID-0015 | — | ||
| Unresolved product id: CSAFPID-0016 | — | ||
| Unresolved product id: CSAFPID-0017 | — |
An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-32001 | — | ||
| Unresolved product id: CSAFPID-32002 | — | ||
| Unresolved product id: CSAFPID-0018 | — | ||
| Unresolved product id: CSAFPID-0019 | — | ||
| Unresolved product id: CSAFPID-0020 | — | ||
| Unresolved product id: CSAFPID-0021 | — | ||
| Unresolved product id: CSAFPID-0023 | — | ||
| Unresolved product id: CSAFPID-0024 | — | ||
| Unresolved product id: CSAFPID-0025 | — | ||
| Unresolved product id: CSAFPID-0026 | — | ||
| Unresolved product id: CSAFPID-0027 | — | ||
| Unresolved product id: CSAFPID-0028 | — | ||
| Unresolved product id: CSAFPID-0029 | — | ||
| Unresolved product id: CSAFPID-0030 | — | ||
| Unresolved product id: CSAFPID-0031 | — | ||
| Unresolved product id: CSAFPID-0032 | — | ||
| Unresolved product id: CSAFPID-0033 | — |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: CSAFPID-31001 | — | ||
| Unresolved product id: CSAFPID-31002 | — | ||
| Unresolved product id: CSAFPID-0001 | — | ||
| Unresolved product id: CSAFPID-0004 | — | ||
| Unresolved product id: CSAFPID-0005 | — | ||
| Unresolved product id: CSAFPID-0006 | — | ||
| Unresolved product id: CSAFPID-0007 | — | ||
| Unresolved product id: CSAFPID-0008 | — | ||
| Unresolved product id: CSAFPID-0009 | — | ||
| Unresolved product id: CSAFPID-0010 | — | ||
| Unresolved product id: CSAFPID-0011 | — | ||
| Unresolved product id: CSAFPID-0012 | — | ||
| Unresolved product id: CSAFPID-0013 | — | ||
| Unresolved product id: CSAFPID-0014 | — | ||
| Unresolved product id: CSAFPID-0015 | — | ||
| Unresolved product id: CSAFPID-0016 | — | ||
| Unresolved product id: CSAFPID-0017 | — |
| URL | Category |
|---|---|
| https://certvde.com/en/advisories/VDE-2024-012/ | self |
| https://ifm.csaf-tp.certvde.com/.well-known/csaf/… | self |
| https://www.ifm.com | external |
| https://certvde.com/en/advisories/vendor/ifm/ | external |
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Logan Carpenter"
],
"organization": "Dragos",
"summary": "reporting"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "In ifm Smart PLC firmware up to version 4.3.17 for Smart PLC controllers AC14xx and AC4xxS, an attacker can access the configuration by using the hardcoded credentials. The endpoint hosts a scripts capable of executing various commands.",
"title": "Summary"
},
{
"category": "description",
"text": "Please see the CVE description.",
"title": "Impact"
},
{
"category": "description",
"text": "When using automation components, make sure that no unauthorized access can take place. Addition measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.",
"title": "Mitigation"
},
{
"category": "description",
"text": "Update to Firmware Version 6.1.8 or later.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@ifm.com",
"name": "ifm electronic GmbH",
"namespace": "https://www.ifm.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2024-012: ifm: Vulnerabilities in ifm AC14 firmware - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-012/"
},
{
"category": "self",
"summary": "VDE-2024-012: ifm: Vulnerabilities in ifm AC14 firmware - CSAF",
"url": "https://ifm.csaf-tp.certvde.com/.well-known/csaf/white/2024/vde-2024-012.json"
},
{
"category": "external",
"summary": "Vendor PSIRT",
"url": "https://www.ifm.com"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for ifm electronic GmbH",
"url": "https://certvde.com/en/advisories/vendor/ifm/"
}
],
"title": "ifm: Vulnerabilities in ifm AC14 firmware",
"tracking": {
"aliases": [
"VDE-2024-012"
],
"current_release_date": "2026-01-15T11:00:00.000Z",
"generator": {
"date": "2026-01-30T08:26:37.355Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.42"
}
},
"id": "VDE-2024-012",
"initial_release_date": "2024-07-09T07:00:00.000Z",
"revision_history": [
{
"date": "2024-07-09T07:00:00.000Z",
"number": "1.0.0",
"summary": "Initial revision."
},
{
"date": "2025-08-27T10:00:00.000Z",
"number": "1.1.0",
"summary": "Update: CWE from CVE-2024-28751, Revision History"
},
{
"date": "2026-01-06T11:00:00.000Z",
"number": "2.0.0",
"summary": "Fixed Version range, Added Score to Vulnerability CVE-2024-28750, deleted \"firmware\" from the full product name of the hardware, changed Vulnerability title to CVE description"
},
{
"date": "2026-01-15T11:00:00.000Z",
"number": "3.0.0",
"summary": "Update Product information"
}
],
"status": "final",
"version": "3.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Smart PLC AC1401",
"product": {
"name": "Smart PLC AC1401",
"product_id": "CSAFPID-11001",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1401:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC402s ",
"product": {
"name": "Smart PLC AC402s ",
"product_id": "CSAFPID-11002",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac402s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1402",
"product": {
"name": "Smart PLC AC1402",
"product_id": "CSAFPID-32003",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1402:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1403",
"product": {
"name": "Smart PLC AC1403",
"product_id": "CSAFPID-32004",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1403:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1404",
"product": {
"name": "Smart PLC AC1404",
"product_id": "CSAFPID-32005",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1404:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1411",
"product": {
"name": "Smart PLC AC1411",
"product_id": "CSAFPID-32006",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac14011:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1412",
"product": {
"name": "Smart PLC AC1412",
"product_id": "CSAFPID-32007",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1412:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1421",
"product": {
"name": "Smart PLC AC1421",
"product_id": "CSAFPID-32008",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1421:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1422",
"product": {
"name": "Smart PLC AC1421",
"product_id": "CSAFPID-32009",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1422:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1423",
"product": {
"name": "Smart PLC AC1423",
"product_id": "CSAFPID-32010",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1423:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1424",
"product": {
"name": "Smart PLC AC1424",
"product_id": "CSAFPID-32011",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1424:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1433",
"product": {
"name": "Smart PLC AC1433",
"product_id": "CSAFPID-32012",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1433:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC1434",
"product": {
"name": "Smart PLC AC1434",
"product_id": "CSAFPID-32013",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac1434:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC422s ",
"product": {
"name": "Smart PLC AC422s ",
"product_id": "CSAFPID-32014",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac422s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC424s ",
"product": {
"name": "Smart PLC AC424s ",
"product_id": "CSAFPID-32015",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac424s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC432s ",
"product": {
"name": "Smart PLC AC432s ",
"product_id": "CSAFPID-32016",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac432s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "Smart PLC AC434s ",
"product": {
"name": "Smart PLC AC434s ",
"product_id": "CSAFPID-32017",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac434s:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Hardware"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/\u003c=4.3.17",
"product": {
"name": "Firmware \u003c=V4.3.17",
"product_id": "CSAFPID-21001"
}
},
{
"category": "product_version",
"name": "6.1.8",
"product": {
"name": "Firmware 6.1.8",
"product_id": "CSAFPID-22001",
"product_identification_helper": {
"cpe": "cpe:2.3:o:ifm_electronic:ac_firmware:6.1.8:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_family",
"name": "Firmware"
}
],
"category": "vendor",
"name": "ifm"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
],
"summary": "Affected products."
},
{
"group_id": "CSAFGID-0002",
"product_ids": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033"
],
"summary": "Fixed products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1401",
"product_id": "CSAFPID-31001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC402s ",
"product_id": "CSAFPID-31002"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1401",
"product_id": "CSAFPID-32001"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11001"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC402s ",
"product_id": "CSAFPID-32002"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-11002"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1412",
"product_id": "CSAFPID-0001"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1402",
"product_id": "CSAFPID-0004"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1403",
"product_id": "CSAFPID-0005"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1404",
"product_id": "CSAFPID-0006"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1411",
"product_id": "CSAFPID-0007"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1412",
"product_id": "CSAFPID-0008"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32007"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1423",
"product_id": "CSAFPID-0009"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1424",
"product_id": "CSAFPID-0010"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1433",
"product_id": "CSAFPID-0011"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1434",
"product_id": "CSAFPID-0012"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC422s ",
"product_id": "CSAFPID-0013"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC424s ",
"product_id": "CSAFPID-0014"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC434s ",
"product_id": "CSAFPID-0015"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32017"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC432s ",
"product_id": "CSAFPID-0016"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware \u003c=V4.3.17 installed on Smart PLC AC1421",
"product_id": "CSAFPID-0017"
},
"product_reference": "CSAFPID-21001",
"relates_to_product_reference": "CSAFPID-32008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1402",
"product_id": "CSAFPID-0018"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32003"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1403",
"product_id": "CSAFPID-0019"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32004"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1404",
"product_id": "CSAFPID-0020"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32005"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1411",
"product_id": "CSAFPID-0021"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1411",
"product_id": "CSAFPID-0023"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32006"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1421",
"product_id": "CSAFPID-0024"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32008"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1421",
"product_id": "CSAFPID-0025"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32009"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1423",
"product_id": "CSAFPID-0026"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1424",
"product_id": "CSAFPID-0027"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1433",
"product_id": "CSAFPID-0028"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC1434",
"product_id": "CSAFPID-0029"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC422s ",
"product_id": "CSAFPID-0030"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC424s ",
"product_id": "CSAFPID-0031"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32015"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC432s ",
"product_id": "CSAFPID-0032"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32016"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on Smart PLC AC434s ",
"product_id": "CSAFPID-0033"
},
"product_reference": "CSAFPID-22001",
"relates_to_product_reference": "CSAFPID-32017"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28751",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "description",
"text": "A highly privileged remote attacker can enable telnet access that accepts hardcoded credentials. \n",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
},
"remediations": [
{
"category": "mitigation",
"details": "When using automation components, make sure that no unauthorized access can take place. Additional measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to Firmware Version 6.1.8 or later.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.1,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"temporalScore": 9.1,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
}
],
"title": "CVE-2024-28751"
},
{
"cve": "CVE-2024-28750",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A remote attacker with high privileges may use a deleting file function to inject OS commands.\n",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
},
"remediations": [
{
"category": "mitigation",
"details": "When using automation components, make sure that no unauthorized access can take place. Additional measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to Firmware Version 6.1.8 or later.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
}
],
"title": "CVE-2024-28750"
},
{
"cve": "CVE-2024-28749",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A remote attacker with high privileges may use a writing file function to inject OS commands.\n",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
},
"remediations": [
{
"category": "mitigation",
"details": "When using automation components, make sure that no unauthorized access can take place. Additional measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to Firmware Version 6.1.8 or later.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
}
],
"title": "CVE-2024-28749"
},
{
"cve": "CVE-2024-28748",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"notes": [
{
"category": "description",
"text": "A remote attacker with high privileges may use a reading file function to inject OS commands.\n",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
},
"remediations": [
{
"category": "mitigation",
"details": "When using automation components, make sure that no unauthorized access can take place. Additional measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to Firmware Version 6.1.8 or later.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
}
],
"title": "CVE-2024-28748"
},
{
"cve": "CVE-2024-28747",
"cwe": {
"id": "CWE-798",
"name": "Use of Hard-coded Credentials"
},
"notes": [
{
"category": "description",
"text": "An unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.\n",
"title": "CVE Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-32001",
"CSAFPID-32002",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0023",
"CSAFPID-0024",
"CSAFPID-0025",
"CSAFPID-0026",
"CSAFPID-0027",
"CSAFPID-0028",
"CSAFPID-0029",
"CSAFPID-0030",
"CSAFPID-0031",
"CSAFPID-0032",
"CSAFPID-0033"
],
"known_affected": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
},
"remediations": [
{
"category": "mitigation",
"details": "When using automation components, make sure that no unauthorized access can take place. Additional measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.",
"group_ids": [
"CSAFGID-0001"
]
},
{
"category": "vendor_fix",
"details": "Update to Firmware Version 6.1.8 or later.",
"group_ids": [
"CSAFGID-0001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-31001",
"CSAFPID-31002",
"CSAFPID-0001",
"CSAFPID-0004",
"CSAFPID-0005",
"CSAFPID-0006",
"CSAFPID-0007",
"CSAFPID-0008",
"CSAFPID-0009",
"CSAFPID-0010",
"CSAFPID-0011",
"CSAFPID-0012",
"CSAFPID-0013",
"CSAFPID-0014",
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017"
]
}
],
"title": "CVE-2024-28747"
}
]
}
Sightings
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.