VDE-2024-061
Vulnerability from csaf_ifmelectronicgmbh - Published: 2025-06-30 10:00 - Updated: 2026-02-18 08:00Summary
ifm: Improper Access Control vulnerability
Severity
High
Notes
Summary: A vulnerability has been disclosed in PLC ifm AC4xxS that allows an attacker to trigger the safety state with the help of a specially crafted html request. This leads to a loss of availability.
Impact: An unauthorized attacker can exploit this vulnerability to issue malicious commands to the PLC, potentially disrupting or damaging the production line.
Mitigation: When using automation components, make sure that no unauthorized access can take place. In addition, measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.
PLC with firmware V6.1.8 http interface can be disabled.
The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication.
7.5 (High)
Mitigation
When using automation components, make sure that no unauthorized access can take place. In addition, measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.
PLC with firmware V6.1.8 http interface can be disabled.
References
Acknowledgments
CERT@VDE
certvde.com
National Technical University of Ukraine "Igor Sikorsky Kyiv Polytechnic Institute"
Dmytro Kryhin
kpi.ua/en
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
},
{
"names": [
"Dmytro Kryhin"
],
"organization": "National Technical University of Ukraine \"Igor Sikorsky Kyiv Polytechnic Institute\"",
"summary": "reporting",
"urls": [
"https://kpi.ua/en"
]
}
],
"aggregate_severity": {
"namespace": "https://www.first.org/cvss/v3.1/specification-document#Qualitative-Severity-Rating-Scale",
"text": "High"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "A vulnerability has been disclosed in PLC ifm AC4xxS that allows an attacker to trigger the safety state with the help of a specially crafted html request. This leads to a loss of availability.",
"title": "Summary"
},
{
"category": "description",
"text": "An unauthorized attacker can exploit this vulnerability to issue malicious commands to the PLC, potentially disrupting or damaging the production line. ",
"title": "Impact"
},
{
"category": "description",
"text": "When using automation components, make sure that no unauthorized access can take place. In addition, measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.\n\nPLC with firmware V6.1.8 http interface can be disabled.",
"title": "Mitigation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@ifm.com",
"name": "ifm electronic GmbH",
"namespace": "https://www.ifm.com"
},
"references": [
{
"category": "external",
"summary": "CERT@VDE Security Advisories for ifm electronic GmbH",
"url": "https://certvde.com/en/advisories/vendor/ifm"
},
{
"category": "self",
"summary": "VDE-2024-061: ifm: Improper Access Control vulnerability - HTML",
"url": "https://certvde.com/en/advisories/VDE-2024-061"
},
{
"category": "self",
"summary": "VDE-2024-061: ifm: Improper Access Control vulnerability - CSAF",
"url": "https://ifm.csaf-tp.certvde.com/.well-known/csaf/white/2025/vde-2024-061.json"
},
{
"category": "external",
"summary": "ifm electronic GmbH PSIRT",
"url": "https://www.ifm.com/de/en/shared/service/technischer-support/product-security-overview"
}
],
"title": "ifm: Improper Access Control vulnerability",
"tracking": {
"aliases": [
"VDE-2024-061",
"ifm-23082024"
],
"current_release_date": "2026-02-18T08:00:00.000Z",
"generator": {
"date": "2026-02-18T07:57:21.164Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.43"
}
},
"id": "VDE-2024-061",
"initial_release_date": "2025-06-30T10:00:00.000Z",
"revision_history": [
{
"date": "2025-06-30T10:00:00.000Z",
"legacy_version": "1",
"number": "1.0.0",
"summary": "Initial release."
},
{
"date": "2026-02-16T15:00:00.000Z",
"number": "2.0.0",
"summary": "Updated content and product names."
},
{
"date": "2026-02-18T08:00:00.000Z",
"number": "2.0.1",
"summary": "Fixed Typo."
}
],
"status": "final",
"version": "2.0.1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "AC402s",
"product": {
"name": "ifm Smart PLC AC402s",
"product_id": "CSAFPID-0010",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac402s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "AC422s",
"product": {
"name": "ifm Smart PLC AC422s",
"product_id": "CSAFPID-0011",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac422s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "AC424s",
"product": {
"name": "ifm Smart PLC AC424s",
"product_id": "CSAFPID-0012",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac424s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "AC432s",
"product": {
"name": "ifm Smart PLC AC432s",
"product_id": "CSAFPID-0013",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac432s:*:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_name",
"name": "AC434s",
"product": {
"name": "ifm Smart PLC AC434s",
"product_id": "CSAFPID-0014",
"product_identification_helper": {
"cpe": "cpe:2.3:h:ifm_electronic:ac434s:*:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Smart PLC"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:generic/4.04\u003c4.3.17",
"product": {
"name": "Firmware 4.04\u003c4.3.17",
"product_id": "CSAFPID-0003"
}
},
{
"category": "product_version",
"name": "6.1.8",
"product": {
"name": "Firmware 6.1.8",
"product_id": "CSAFPID-0004",
"product_identification_helper": {
"cpe": "cpe:2.3:o:ifm_electronic:ac4xxS:6.1.8:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Firmware"
}
],
"category": "vendor",
"name": "ifm"
}
],
"product_groups": [
{
"group_id": "CSAFGID-0001",
"product_ids": [
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024"
],
"summary": "Affected products."
}
],
"relationships": [
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 4.04\u003c4.3.17 installed on ifm Smart PLC AC402s",
"product_id": "CSAFPID-0015"
},
"product_reference": "CSAFPID-0003",
"relates_to_product_reference": "CSAFPID-0010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 4.04\u003c4.3.17 installed on ifm Smart PLC AC422s",
"product_id": "CSAFPID-0016"
},
"product_reference": "CSAFPID-0003",
"relates_to_product_reference": "CSAFPID-0011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 4.04\u003c4.3.17 installed on ifm Smart PLC AC424s",
"product_id": "CSAFPID-0017"
},
"product_reference": "CSAFPID-0003",
"relates_to_product_reference": "CSAFPID-0012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 4.04\u003c4.3.17 installed on ifm Smart PLC AC432s",
"product_id": "CSAFPID-0018"
},
"product_reference": "CSAFPID-0003",
"relates_to_product_reference": "CSAFPID-0013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 4.04\u003c4.3.17 installed on ifm Smart PLC AC434s",
"product_id": "CSAFPID-0019"
},
"product_reference": "CSAFPID-0003",
"relates_to_product_reference": "CSAFPID-0014"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on ifm Smart PLC AC402s",
"product_id": "CSAFPID-0020"
},
"product_reference": "CSAFPID-0004",
"relates_to_product_reference": "CSAFPID-0010"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on ifm Smart PLC AC422s",
"product_id": "CSAFPID-0021"
},
"product_reference": "CSAFPID-0004",
"relates_to_product_reference": "CSAFPID-0011"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on ifm Smart PLC AC424s",
"product_id": "CSAFPID-0022"
},
"product_reference": "CSAFPID-0004",
"relates_to_product_reference": "CSAFPID-0012"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on ifm Smart PLC AC432s",
"product_id": "CSAFPID-0023"
},
"product_reference": "CSAFPID-0004",
"relates_to_product_reference": "CSAFPID-0013"
},
{
"category": "installed_on",
"full_product_name": {
"name": "Firmware 6.1.8 installed on ifm Smart PLC AC434s",
"product_id": "CSAFPID-0024"
},
"product_reference": "CSAFPID-0004",
"relates_to_product_reference": "CSAFPID-0014"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8419",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"notes": [
{
"audience": "all",
"category": "description",
"text": "The endpoint hosts a script that allows an unauthorized remote attacker to put the system in a fail-safe state over the network due to missing authentication.",
"title": "CVE Description"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024"
]
},
"remediations": [
{
"category": "mitigation",
"details": "When using automation components, make sure that no unauthorized access can take place. In addition, measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.\n\nPLC with firmware V6.1.8 http interface can be disabled.",
"group_ids": [
"CSAFGID-0001"
],
"product_ids": [
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-0015",
"CSAFPID-0016",
"CSAFPID-0017",
"CSAFPID-0018",
"CSAFPID-0019",
"CSAFPID-0020",
"CSAFPID-0021",
"CSAFPID-0022",
"CSAFPID-0023",
"CSAFPID-0024"
]
}
],
"title": "Improper Access Control vulnerability in AC4xxS devices"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…