CVE-2018-7242
N/A
N/A
Summary
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric SE | Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 | All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200 | affected |
Weaknesses
- Vulnerable Hash Algorithms
ADP Enrichment
CVE Program Container
Additional References
- https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/
- https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01
- http://www.securityfocus.com/bid/103543
References
- https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/
- https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01
- http://www.securityfocus.com/bid/103543
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.