| |
Podatność CVE-2022-2758
Publikacja: 2022-08-31
| Opis: |
All versions of LS Industrial Systems (LSIS) Co. Ltd LS Electric PLCs and XG5000 PLC programming software are affected where passwords are not adequately encrypted during the communication process between the XG5000 software and the affected PLC. This would allow an attacker to identify and decrypt the affected PLC??s password by sniffing the traffic. |
Typ:
CWE-326 (Inadequate Encryption Strength)
Referencje: |
https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-02
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
Polish
English