Not SimonCISA Industrial Control System security advisory includes a familiar product: Unitronics Vision Standard PLCs allow a remote, unauthenticated individual to retrieve the 'Information Mode' password in plaintext. This vulnerability is tracked as CVE-2024-1480 (7.5 high) and was reported by @reverseics of Dragos. π https://www.cisa.gov/news-events/ics-advisories/icsa-24-109-01
Unitronics has not responded to requests to work with CISA to mitigate this vulnerability.
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.