CVE-2018-7789
4.8
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Summary
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Schneider Electric SE | Modicon M221, all references, all versions prior to firmware V1.6.2.0 | Modicon M221, all references, all versions prior to firmware V1.6.2.0 | affected |
Weaknesses
- Improper Check for Unusual or Exceptional Conditions
ADP Enrichment
CVE Program Container
Additional References
- https://ics-cert.us-cert.gov/advisories/ICSA-18-240-02
- https://www.schneider-electric.com/en/download/document/SEVD-2018-233-01/
- http://www.securityfocus.com/bid/105171
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://ics-cert.us-cert.gov/advisories/ICSA-18-240-02
- https://www.schneider-electric.com/en/download/document/SEVD-2018-233-01/
- http://www.securityfocus.com/bid/105171
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.