Summary
In ifm Smart PLC firmware up to version 4.3.17 for Smart PLC controllers AC14xx and AC4xxS, an attacker can access the configuration by using the hardcoded credentials. The endpoint hosts a scripts capable of executing various commands.
Impact
Please see the CVE description.
Affected Product(s)
| Model no. | Product name | Affected versions |
|---|---|---|
| Smart PLC AC14xx Firmware | Firmware <=V4.3.17 | |
| Smart PLC AC4xxS Firmware | Firmware <=V4.3.17 |
Vulnerabilities
Expand / Collapse allAn unauthenticated remote attacker can use the hard-coded credentials to access the SmartSPS devices with high privileges.
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.
A remote attacker with high privileges may use a reading file function to inject OS commands.
A remote attacker with high privileges may use a writing file function to inject OS commands.
A remote attacker with high privileges may use a deleting file function to inject OS commands.
Mitigation
When using automation components, make sure that no unauthorized access can take place. Addition measures should be taken to ensure that the components do not have direct access to Internet resources and that they cannot be accessed from insecure networks. Use available security measures such as authentication and authorization groups.
Remediation
Update to Firmware Version 6.1.8 or later.
Revision History
| Version | Date | Summary |
|---|---|---|
| 1.0.0 | 07/09/2024 09:00 | Initial revision. |
| 1.1.0 | 08/27/2025 12:00 | Update: CWE from CVE-2024-28751, Revision History |