Vulnerability Details CVE-2024-41716
Cleartext storage of sensitive information vulnerability exists in WindLDR and WindO/I-NV4. If this vulnerability is exploited, an attacker who obtained the product's project file may obtain user credentials of the PLC or Operator Interfaces. As a result, an attacker may be able to manipulate and/or suspend the PLC and Operator Interfaces by accessing or hijacking them.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.1%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2024-41716
-
cpe:2.3:a:idec:windldr:*
-
cpe:2.3:a:idec:windo/i-nv4:*