CVE-2021-32986
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD
Description
After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed without authorization. The PLC is only relocked by a power cycle, or when the programming software disconnects correctly.
Affected (20)
Products: Automationdirect: C0 10dd1e D Firmware, C0 10dd2e D Firmware, C0 10dre D Firmware, C0 10are D Firmware, C0 11dd1e D Firmware, C0 11dd2e D Firmware, C0 11dre D Firmware, C0 11are D Firmware, C0 12dd1e D Firmware, C0 12dd2e D Firmware, C0 12dre D Firmware, C0 12are D Firmware, C0 12dd1e 1 D Firmware, C0 12dd2e 1 D Firmware, C0 12dre 1 D Firmware, C0 12are 1 D Firmware, C0 12dd1e 2 D Firmware, C0 12dd2e 2 D Firmware, C0 12dre 2 D Firmware, C0 12are 2 D Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 10dd1e D | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 10dd2e D | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 10dre D | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 10are D | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 11dd1e D | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 11dd2e D | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 11dre D | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 11are D | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dd1e D | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dd2e D | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dre D | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12are D | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dd1e 1 D | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dd2e 1 D | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dre 1 D | All versions |
Configuration P
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12are 1 D | All versions |
Configuration Q
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dd1e 2 D | All versions |
Configuration R
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dd2e 2 D | All versions |
Configuration S
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12dre 2 D | All versions |
Configuration T
| Vulnerable Software | Affected Versions |
|---|---|
| Before 3.00 |
| Running on/with | Platform Versions |
|---|---|
Automationdirect C0 12are 2 D | All versions |
Related CWEs
CWE-288
Authentication Bypass Using an Alternate Path or Channel
A product requires authentication, but the product has an alternate path or channel that does not require authentication.
CWE-863
Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.
References (2)
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Timeline
No history available yet.