CVE-2021-32986

Automation Direct CLICK PLC CPU Modules Authentication Bypass Using an Alternate Path or Channel

Description

After Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prior to v3.00 is unlocked by an authorized user, the unlocked state does not timeout. If the programming software is interrupted, the PLC remains unlocked. All subsequent programming connections are allowed without authorization. The PLC is only relocked by a power cycle, or when the programming software disconnects correctly.

Remediation

Solution:

Automation Direct reports these vulnerabilities are all mitigated by Version 3.00 and recommends users update software and firmware to the latest version. Automation Direct also recommends users follow its security guidelines.

References

Link	Tags
https://www.cisa.gov/uscert/ics/advisories/icsa-21-166-02	third party advisory us government resource

Frequently Asked Questions

What is the severity of CVE-2021-32986?: CVE-2021-32986 has been scored as a critical severity vulnerability.
How to fix CVE-2021-32986?: To fix CVE-2021-32986: Automation Direct reports these vulnerabilities are all mitigated by Version 3.00 and recommends users update software and firmware to the latest version. Automation Direct also recommends users follow its security guidelines.
Is CVE-2021-32986 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2021-32986 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2021-32986?: CVE-2021-32986 affects Automation Direct CLICK PLC CPU Modules: C0-1x CPUs.

Description

Remediation

Categories

CWE-288 – Authentication Bypass Using an Alternate Path or Channel

CWE-863 – Incorrect Authorization

References

Frequently Asked Questions