Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-32980
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Automation Direct CLICK PLC CPU Modules Authentication Bypass Using an Alternate Path or Channel
Source: NVD (National Vulnerability Database)
Vulnerability Description
Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 does not protect against additional software programming connections. An attacker can connect to the PLC while an existing connection is already active.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
使用候选路径或通道进行的认证绕过
Source: NVD (National Vulnerability Database)
Vulnerability Title
CLICK PLC CPU Modules 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CLICK PLC CPU Modules是Automation Direct的网络设备一个 CLICK CPU 模块最多可以连接 8 个 I/O 模块,以扩展系统 I/O 数量并满足特定应用的需要。 Automation Direct CLICK PLC CPU Modules 中存在授权问题漏洞,该漏洞源于固件不能防止额外的软件编程连接。攻击者可利用该漏洞可以在现有连接处于活动状态时连接到PLC。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Automation DirectCLICK PLC CPU Modules: C0-1x CPUs unspecified ~ 3.00 -
II. Public POCs for CVE-2021-32980
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2021-32980
Please Login to view more intelligence information
New Vulnerabilities
Product: CLICK PLC CPU Modules: C0-1x CPUs
Vendor: Automation Direct
Same weakness: CWE-288
V. Comments for CVE-2021-32980

No comments yet

Leave a comment