Multiple vulnerabilities in Automation Direct CLICK PLC CPU Modules



Published: 2021-06-17
Risk: High
Patch available: YES
Number of vulnerabilities: 5
CVE-ID: CVE-2021-32980, CVE-2021-32984, CVE-2021-32986, CVE-2021-32982, CVE-2021-32978
CWE-ID: CWE-287, CWE-319, CWE-256
Exploitation vector: Network
Public exploit: N/A
Vulnerable software: CLICK PLC CPU Module C0-1x CPUs (Hardware solutions / Firmware)

Vendor

Security Bulletin

This security bulletin contains information about 5 vulnerabilities.

1) Improper Authentication

EUVDB-ID: #VU54180

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32980

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists because the firmware does not protect against additional software programming connections. A remote attacker can connect to the PLC while an existing connection is already active.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

CLICK PLC CPU Module C0-1x CPUs: before 3.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-21-166-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Improper Authentication

EUVDB-ID: #VU54183

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32984

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists because all programming connections receive the same unlocked privileges. A remote attacker can connect to the PLC and read the project without authorization while the PLC is unlocked by an authorized user.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

CLICK PLC CPU Module C0-1x CPUs: before 3.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-21-166-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper Authentication

EUVDB-ID: #VU54185

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32986

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists because, after the PLC is unlocked by an authorized user, the unlocked state does not time out. A remote attacker can gain access to the target system.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

CLICK PLC CPU Module C0-1x CPUs: before 3.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-21-166-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.
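The three authentication weaknesses above (additional programming connections accepted, one unlock state shared by every connection, no timeout on the unlocked state) can be contrasted with a hardened session design in a small model. This is an added illustration, not vendor firmware or code from the advisory; the class names, the session identifiers, the sample password and the 300-second idle timeout are all assumptions.

```python
import hmac

class LegacyPlc:
    """Simplified model of the behaviour described for firmware before 3.00."""
    def __init__(self, password):
        self._password = password
        self.sessions = set()
        self.unlocked = False              # one device-wide flag that never expires
    def connect(self, sid):
        self.sessions.add(sid)             # additional programming connections accepted
        return True
    def unlock(self, sid, password, now):
        self.unlocked = self.unlocked or password == self._password
        return self.unlocked
    def can_read_project(self, sid, now):
        return sid in self.sessions and self.unlocked

class HardenedPlc:
    """One programming connection, unlock bound to it, idle timeout (assumed value)."""
    def __init__(self, password, idle_timeout=300.0):
        self._password = password.encode()
        self._timeout = idle_timeout
        self._owner = None                 # the only session allowed to program
        self._last_seen = None             # time of last authorised activity
    def connect(self, sid):
        if self._owner not in (None, sid):
            return False                   # refuse a second programming connection
        self._owner = sid
        return True
    def unlock(self, sid, password, now):
        ok = sid == self._owner and hmac.compare_digest(password.encode(), self._password)
        if ok:
            self._last_seen = now
        return ok
    def can_read_project(self, sid, now):
        if sid != self._owner or self._last_seen is None:
            return False
        if now - self._last_seen > self._timeout:
            self._last_seen = None         # unlocked state expires after idling
            return False
        self._last_seen = now
        return True

def scenario(plc):
    """Constructed timeline: engineer unlocks at t=0, a second client appears at t=10."""
    plc.connect("engineer")
    plc.unlock("engineer", "s3cret", now=0)
    second = plc.connect("other") and plc.can_read_project("other", now=10)
    stale = plc.can_read_project("engineer", now=10_000)
    return second, stale
```

`scenario()` returns a pair: whether the second client could read the project, and whether the unlock was still honoured long after the last activity.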

4) Cleartext transmission of sensitive information

EUVDB-ID: #VU54186

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32982

CWE-ID: CWE-319 - Cleartext Transmission of Sensitive Information

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists because the software uses an insecure communication channel to transmit sensitive information. A remote attacker with the ability to intercept network traffic can gain access to sensitive data.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

CLICK PLC CPU Module C0-1x CPUs: before 3.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-21-166-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Unprotected storage of credentials

EUVDB-ID: #VU54187

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-32978

CWE-ID: CWE-256 - Unprotected Storage of Credentials

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to other users' credentials.

The vulnerability exists because the programming protocol allows a previously entered password and lock state to be read by an attacker. A remote attacker can use the password to unlock the PLC.

Mitigation

Install updates from the vendor's website.

Vulnerable software versions

CLICK PLC CPU Module C0-1x CPUs: before 3.00

External links

http://ics-cert.us-cert.gov/advisories/icsa-21-166-02


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


