CVE-2018-7522

Summary

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.

Affected Software

VendorProductVersion RangeStatus
Schneider ElectricTriconex TriconMP model 3008 firmware versions 10.0-10.4affected

Weaknesses

  • CWE-119: Improper Restriction Of Operations Within The Bounds Of A Memory Buffer CWE-119

ADP Enrichment

CVE Program Container

Additional References

References