Unitronics, a leading manufacturer of Programmable Logic Controllers (PLCs), has disclosed a critical vulnerability affecting its Vision Legacy series PLCs. Tracked as CVE-2024-1480, the flaw enables remote attackers to retrieve ‘Information Mode’ passwords in plaintext. It impacts a range of PLC models, including Vision 230, 280, and 530, which makes it a widespread risk to industrial systems.
The vulnerability carries a high CVSS v4 score of 8.7, which underscores the urgent need for mitigation. In response, Unitronics has recommended immediate action: users should change the default ‘Info Mode’ password and restrict Ethernet access to the PLC. Additionally, cybersecurity firm Dragos has advised implementing multi-factor authentication and considering modifications to default programmer ports to enhance security.
The Cybersecurity and Infrastructure Security Agency (CISA) has echoed these recommendations, emphasizing the critical importance of minimizing network exposure and implementing robust defensive measures. Given the potential impact on critical infrastructure sectors and the widespread deployment of Unitronics PLCs worldwide, prompt action is essential to mitigate the risk of unauthorized access and control. Organizations are urged to prioritize these mitigation efforts to safeguard industrial control systems from exploitation.