VYPR
Unrated severityNVD Advisory· Published Oct 17, 2023· Updated Sep 13, 2024

Weak encoding vulnerability in easyE4

CVE-2023-43776

Description

Eaton easyE4 PLC offers a device password protection functionality to facilitate a secure connection and prevent unauthorized access. It was observed that the device password was stored with a weak encoding algorithm in the easyE4 program file when exported to SD card (*.PRG file ending).

Affected products

2
  • Eaton/easyE4 PLCllm-create2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.