Vulnerability Details CVE-2021-32986
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed without authorization. The PLC is only relocked by a power cycle, or when the programming software disconnects correctly.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2021-32986
-
cpe:2.3:h:automationdirect:c0-10are-d:-
-
cpe:2.3:h:automationdirect:c0-10dd1e-d:-
-
cpe:2.3:h:automationdirect:c0-10dd2e-d:-
-
cpe:2.3:h:automationdirect:c0-10dre-d:-
-
cpe:2.3:h:automationdirect:c0-11are-d:-
-
cpe:2.3:h:automationdirect:c0-11dd1e-d:-
-
cpe:2.3:h:automationdirect:c0-11dd2e-d:-
-
cpe:2.3:h:automationdirect:c0-11dre-d:-
-
cpe:2.3:h:automationdirect:c0-12are-1-d:-
-
cpe:2.3:h:automationdirect:c0-12are-2-d:-
-
cpe:2.3:h:automationdirect:c0-12are-d:-
-
cpe:2.3:h:automationdirect:c0-12dd1e-1-d:-
-
cpe:2.3:h:automationdirect:c0-12dd1e-2-d:-
-
cpe:2.3:h:automationdirect:c0-12dd1e-d:-
-
cpe:2.3:h:automationdirect:c0-12dd2e-1-d:-
-
cpe:2.3:h:automationdirect:c0-12dd2e-2-d:-
-
cpe:2.3:h:automationdirect:c0-12dd2e-d:-
-
cpe:2.3:h:automationdirect:c0-12dre-1-d:-
-
cpe:2.3:h:automationdirect:c0-12dre-2-d:-
-
cpe:2.3:h:automationdirect:c0-12dre-d:-
-
cpe:2.3:o:automationdirect:c0-10are-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-10dd1e-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-10dd2e-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-10dre-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-11are-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-11dd1e-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-11dd2e-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-11dre-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12are-1-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12are-2-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12are-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dd1e-1-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dd1e-2-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dd1e-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dd2e-1-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dd2e-2-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dd2e-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dre-1-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dre-2-d_firmware:-
-
cpe:2.3:o:automationdirect:c0-12dre-d_firmware:-