ICS/OT/SCADA Vulnerability Awareness – Unitronics Vision Series PLCs | Storing Passwords in a Recoverable Format

Given recent attention and attacks against Unitronics Vision Series PLCs and their use in the water and wastewater systems sector, WaterISAC is amplifying this recent vulnerability advisory. Members using Unitronics Vision Series PLCs are highly encouraged to review the following ICS Advisory and address accordingly.

Unitronics Vision Series PLCs | ICSA-24-109-01

Vulnerability: Storing Passwords in a Recoverable Format

• Unitronics Vision Standard PLCs allow a remote, unauthenticated individual to retrieve the ‘Information Mode’ password in plaintext.
• Successful exploitation of this vulnerability could allow an attacker to log in to the Remote HMI feature, where the PLC may be factory reset, stopped, and restarted.
• This vulnerability is remotely exploitable and has a low attack complexity.
• CVE-2024-1480 has been assigned to this vulnerability.

Mitigations: This vulnerability was discovered by Dragos who recommends users to restrict access to the PLC on TCP/20256 by either changing the default programmer port, or apply a multi-factor VPN to protect the service from remote access.

For additional mitigations, visit the CISA ICS Advisory, Unitronics Vision Series PLCs | ICSA-24-109-01