CVE-2022-1794
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
The CODESYS OPC DA Server prior V3.5.18.20 stores PLC passwords as plain text in its configuration file so that it is visible to all authorized Microsoft Windows users of the system.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| CODESYS | CODESYS OPC DA Server | V3 <= V3.5.18.20 | affected |
Weaknesses
- CWE-256: CWE-256 Unprotected Storage of Credentials
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.