CVE-2024-39922
CVSS 3.1 Score 4.6 of 10 (medium)
Details
Summary
CVE-2024-39922: A serious vulnerability has been discovered in various versions of LOGO! RCE, LOGO! RCEo, LOGO! 24CE, LOGO! 24CEo, LOGO! 230RCE, LOGO! 230RCEo, SIPLUS LOGO! 12/24RCE, SIPLUS LOGO! 12/24RCEo, SIPLUS LOGO! 230RCE, SIPLUS LOGO! 230RCEo, SIPLUS LOGO! 24CE, and SIPLUS LOGO! 24CEo. These software applications store user passwords in plaintext without adequate protection, posing a significant risk. A physical attacker with access to the affected devices can easily retrieve these passwords from the embedded storage ICs, potentially leading to unauthorized access to sensitive data or systems.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.