VYPR
Vendor

IDEC

Products
9
CVEs
6
Across products
17
Status
Private

Products

9

Recent CVEs

6
  • CVE-2021-37401CriDec 28, 2021
    risk 0.64cvss 9.8epss 0.01

    An attacker may obtain the user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the PLC user program may be uploaded, altered, and/or downloaded.

  • CVE-2021-37400CriDec 28, 2021
    risk 0.64cvss 9.8epss 0.01

    An attacker may obtain the user credentials from the communication between the PLC and the software. As a result, the PLC user program may be uploaded, altered, and/or downloaded.

  • CVE-2024-41716HigSep 4, 2024
    risk 0.53cvss 8.1epss 0.00

    Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able…

  • CVE-2021-20827HigDec 24, 2021
    risk 0.49cvss 7.5epss 0.01

    Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and…

  • CVE-2021-20826HigDec 24, 2021
    risk 0.49cvss 7.6epss 0.00

    Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1…

  • CVE-2024-41927MedSep 4, 2024
    risk 0.30cvss 4.6epss 0.00

    Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be…