Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2018-7790
Vulnerability from cvelistv5
Published
2018-08-29 21:00
Modified
2024-09-16 19:52
Severity ?
EPSS score ?
Summary
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cybersecurity@se.com | http://www.securityfocus.com/bid/105182 | Third Party Advisory, VDB Entry | |
| cybersecurity@se.com | https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/ | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/ | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Schneider Electric SE | Modicon M221, all references, all versions prior to firmware V1.6.2.0 |
Version: Modicon M221, all references, all versions prior to firmware V1.6.2.0 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:37:59.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105182",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105182"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Modicon M221, all references, all versions prior to firmware V1.6.2.0",
"vendor": "Schneider Electric SE",
"versions": [
{
"status": "affected",
"version": "Modicon M221, all references, all versions prior to firmware V1.6.2.0"
}
]
}
],
"datePublic": "2018-08-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Management Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-08-31T09:57:01",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"name": "105182",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105182"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"DATE_PUBLIC": "2018-08-22T00:00:00",
"ID": "CVE-2018-7790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon M221, all references, all versions prior to firmware V1.6.2.0",
"version": {
"version_data": [
{
"version_value": "Modicon M221, all references, all versions prior to firmware V1.6.2.0"
}
]
}
}
]
},
"vendor_name": "Schneider Electric SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Management Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105182"
},
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2018-7790",
"datePublished": "2018-08-29T21:00:00Z",
"dateReserved": "2018-03-08T00:00:00",
"dateUpdated": "2024-09-16T19:52:22.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-7790\",\"sourceIdentifier\":\"cybersecurity@se.com\",\"published\":\"2018-08-29T21:29:01.070\",\"lastModified\":\"2024-11-21T04:12:44.423\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de error de gesti\u00f3n de informaci\u00f3n en el producto Modicon M221, de Schneider Electric (todas las referencias y todas las versiones anteriores al firmware V1.6.2.0). La vulnerabilidad permite que usuarios no autorizados reproduzcan secuencias de autenticaci\u00f3n. Si un atacante explota la vulnerabilidad y se conecta a Modicon M221, el atacante puede subir el programa original desde el PLC.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-294\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.6.2.0\",\"matchCriteriaId\":\"55D26878-E5EB-4537-A252-34B3EBB758CC\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB0D83F4-B718-47AB-AFB8-B576CB138AAC\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/105182\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/\",\"source\":\"cybersecurity@se.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}"
}
}
gsd-2018-7790
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-7790",
"description": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.",
"id": "GSD-2018-7790"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-7790"
],
"details": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.",
"id": "GSD-2018-7790",
"modified": "2023-12-13T01:22:32.791183Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"DATE_PUBLIC": "2018-08-22T00:00:00",
"ID": "CVE-2018-7790",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Modicon M221, all references, all versions prior to firmware V1.6.2.0",
"version": {
"version_data": [
{
"version_value": "Modicon M221, all references, all versions prior to firmware V1.6.2.0"
}
]
}
}
]
},
"vendor_name": "Schneider Electric SE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Management Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105182",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105182"
},
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/",
"refsource": "CONFIRM",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.6.2.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@schneider-electric.com",
"ID": "CVE-2018-7790"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
},
{
"name": "105182",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105182"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2022-02-03T14:31Z",
"publishedDate": "2018-08-29T21:29Z"
}
}
}
var-201808-0962
Vulnerability from variot
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC. Schneider Electric Modicon M221 Contains information management vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Modicon M221 is a logic controller from Schneider Electric. Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201808-0962",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "modicon m221",
"scope": "lt",
"trust": 1.8,
"vendor": "schneider electric",
"version": "1.6.2.0"
},
{
"model": "electric modicon m221",
"scope": "lt",
"trust": 0.6,
"vendor": "schneider",
"version": "1.6.2.0"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.6,
"vendor": "schneider electric",
"version": "1.1.1.5"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.5.0.1"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.5.0.0"
},
{
"model": "modicon m221",
"scope": "eq",
"trust": 0.3,
"vendor": "schneider electric",
"version": "0"
},
{
"model": "modicon m221",
"scope": "ne",
"trust": 0.3,
"vendor": "schneider electric",
"version": "1.6.2.0"
},
{
"model": null,
"scope": "eq",
"trust": 0.2,
"vendor": "modicon m221",
"version": "*"
}
],
"sources": [
{
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "BID",
"id": "105182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
},
{
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:schneider_electric:modicon_m221_firmware",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Irfan Ahmed, Sushma Kalle, and Nehal Ameen of the University of New Orleans, Hyunguk Yoo",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
}
],
"trust": 0.6
},
"cve": "CVE-2018-7790",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2018-7790",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-7790",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-06189",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "IVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.2,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.9 [IVD]"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-137822",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2018-7790",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-7790",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-7790",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "NVD",
"id": "CVE-2018-7790",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNVD",
"id": "CNVD-2019-06189",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201808-907",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0",
"trust": 0.2,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-137822",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-7790",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "VULHUB",
"id": "VHN-137822"
},
{
"db": "VULMON",
"id": "CVE-2018-7790"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
},
{
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC. Schneider Electric Modicon M221 Contains information management vulnerabilities.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Modicon M221 is a logic controller from Schneider Electric. \nAttackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-7790"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "BID",
"id": "105182"
},
{
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"db": "VULHUB",
"id": "VHN-137822"
},
{
"db": "VULMON",
"id": "CVE-2018-7790"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-7790",
"trust": 3.7
},
{
"db": "BID",
"id": "105182",
"trust": 2.1
},
{
"db": "ICS CERT",
"id": "ICSA-18-240-01",
"trust": 1.8
},
{
"db": "SCHNEIDER",
"id": "SEVD-2018-235-01",
"trust": 1.8
},
{
"db": "CNVD",
"id": "CNVD-2019-06189",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201808-907",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010",
"trust": 0.8
},
{
"db": "IVD",
"id": "49145ED1-5915-4F3A-BCBD-DF38B5F91BB0",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-137822",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-7790",
"trust": 0.1
}
],
"sources": [
{
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "VULHUB",
"id": "VHN-137822"
},
{
"db": "VULMON",
"id": "CVE-2018-7790"
},
{
"db": "BID",
"id": "105182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
},
{
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"id": "VAR-201808-0962",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "VULHUB",
"id": "VHN-137822"
}
],
"trust": 1.8935065
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS",
"Network device"
],
"sub_category": null,
"trust": 0.6
},
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.2
}
],
"sources": [
{
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"db": "CNVD",
"id": "CNVD-2019-06189"
}
]
},
"last_update_date": "2024-11-23T21:52:51.061000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SEVD-2018-235-01",
"trust": 0.8,
"url": "https://download.schneider-electric.com/files?p_enDocType=Technical+leaflet\u0026p_File_Name=SEVD-2018-235-01-Modicon-M221.pdf\u0026p_Doc_Ref=SEVD-2018-235-01"
},
{
"title": "SchneiderElectricModiconM221 Certification Sequence Replay Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/155255"
},
{
"title": "Schneider Electric Modicon M221 Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=100300"
},
{
"title": "CVE-2018-7790",
"trust": 0.1,
"url": "https://github.com/AlAIAL90/CVE-2018-7790 "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "VULMON",
"id": "CVE-2018-7790"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-294",
"trust": 1.1
},
{
"problemtype": "CWE-199",
"trust": 0.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-137822"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://ics-cert.us-cert.gov/advisories/icsa-18-240-01"
},
{
"trust": 1.8,
"url": "http://www.securityfocus.com/bid/105182"
},
{
"trust": 1.8,
"url": "https://www.schneider-electric.com/en/download/document/sevd-2018-235-01/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7790"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-7790"
},
{
"trust": 0.3,
"url": "http://www.schneider-electric.com/products/ww/en/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/294.html"
},
{
"trust": 0.1,
"url": "https://github.com/alaial90/cve-2018-7790"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "VULHUB",
"id": "VHN-137822"
},
{
"db": "VULMON",
"id": "CVE-2018-7790"
},
{
"db": "BID",
"id": "105182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
},
{
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"db": "VULHUB",
"id": "VHN-137822"
},
{
"db": "VULMON",
"id": "CVE-2018-7790"
},
{
"db": "BID",
"id": "105182"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
},
{
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-06T00:00:00",
"db": "IVD",
"id": "49145ed1-5915-4f3a-bcbd-df38b5f91bb0"
},
{
"date": "2019-03-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"date": "2018-08-29T00:00:00",
"db": "VULHUB",
"id": "VHN-137822"
},
{
"date": "2018-08-29T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7790"
},
{
"date": "2018-08-28T00:00:00",
"db": "BID",
"id": "105182"
},
{
"date": "2018-12-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"date": "2018-08-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-907"
},
{
"date": "2018-08-29T21:29:01.070000",
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-03-06T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-06189"
},
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-137822"
},
{
"date": "2021-08-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-7790"
},
{
"date": "2018-08-28T00:00:00",
"db": "BID",
"id": "105182"
},
{
"date": "2019-01-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-010010"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201808-907"
},
{
"date": "2024-11-21T04:12:44.423000",
"db": "NVD",
"id": "CVE-2018-7790"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Schneider Electric Modicon M221 Vulnerability in information management",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-010010"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201808-907"
}
],
"trust": 0.6
}
}
icsa-18-240-01
Vulnerability from csaf_cisa
Published
2018-08-28 00:00
Modified
2018-08-28 00:00
Summary
Schneider Electric Modicon M221
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may allow unauthorized users to replay authentication sequences, overwrite passwords, or decode passwords.
Critical infrastructure sectors
Commercial Facilities
Countries/areas deployed
Worldwide
Company headquarters location
France
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities. High skill level is needed to exploit.
{
"document": {
"acknowledgments": [
{
"names": [
"Irfan Ahmed",
"Hyunguk Yoo",
"Sushma Kalle",
"Nehal Ameen"
],
"organization": "the University of New Orleans",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may allow unauthorized users to replay authentication sequences, overwrite passwords, or decode passwords.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "France",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities. High skill level is needed to exploit.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-18-240-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-240-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-240-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-240-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Schneider Electric Modicon M221",
"tracking": {
"current_release_date": "2018-08-28T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-240-01",
"initial_release_date": "2018-08-28T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-08-28T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-18-240-01 Schneider Electric Modicon M221"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.6.2.0",
"product": {
"name": "Modicon M221 all references: all versions prior to firmware v1.6.2.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Modicon M221 all references"
}
],
"category": "vendor",
"name": "Schneider Electric Software, LLC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-7790",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "This vulnerability allows unauthorized users to replay authentication sequences.If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker may upload the original program from the PLC.CVE-2018-7790 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7790"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "A fix for these vulnerabilities is implemented in Modicon M221 Firmware v1.6.2.0, delivered within SoMachine Basic v1.6 SP2, which is available for download below, or by using Schneider Electric Software Update tool",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SoMachineBasicV1.6SP2/"
},
{
"category": "mitigation",
"details": "As a temporary mitigation, Modicon M221 users should take the following measures: Set up a firewall blocking all remote/external access to Port 502.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Within the Modicon M221 application, users must disable all unused protocols, especially programming protocol, as described in section \u201cConfiguring Ethernet Network\u201d of SoMachine Basic online help. This will prevent remote programming of the M221 PLC.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Schneider Electric\u0027s security notice SEVD-2018-235-01 is available",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-7791",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "This vulnerability allows unauthorized users to overwrite the original password.If an attacker exploits this vulnerability and overwrites the password, the attacker may upload the original program from the PLC.CVE-2018-7791 has been assigned to this vulnerability. A CVSS v3 base score of 7.7 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7791"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "A fix for these vulnerabilities is implemented in Modicon M221 Firmware v1.6.2.0, delivered within SoMachine Basic v1.6 SP2, which is available for download below, or by using Schneider Electric Software Update tool",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SoMachineBasicV1.6SP2/"
},
{
"category": "mitigation",
"details": "As a temporary mitigation, Modicon M221 users should take the following measures: Set up a firewall blocking all remote/external access to Port 502.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Within the Modicon M221 application, users must disable all unused protocols, especially programming protocol, as described in section \u201cConfiguring Ethernet Network\u201d of SoMachine Basic online help. This will prevent remote programming of the M221 PLC.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Schneider Electric\u0027s security notice SEVD-2018-235-01 is available",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-7792",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "This vulnerability allows unauthorized users to decode the password using a rainbow table.CVE-2018-7792 has been assigned to this vulnerability. A CVSS v3 base score of 7.7 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7792"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "A fix for these vulnerabilities is implemented in Modicon M221 Firmware v1.6.2.0, delivered within SoMachine Basic v1.6 SP2, which is available for download below, or by using Schneider Electric Software Update tool",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SoMachineBasicV1.6SP2/"
},
{
"category": "mitigation",
"details": "As a temporary mitigation, Modicon M221 users should take the following measures: Set up a firewall blocking all remote/external access to Port 502.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Within the Modicon M221 application, users must disable all unused protocols, especially programming protocol, as described in section \u201cConfiguring Ethernet Network\u201d of SoMachine Basic online help. This will prevent remote programming of the M221 PLC.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Schneider Electric\u0027s security notice SEVD-2018-235-01 is available",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
ICSA-18-240-01
Vulnerability from csaf_cisa
Published
2018-08-28 00:00
Modified
2018-08-28 00:00
Summary
Schneider Electric Modicon M221
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities may allow unauthorized users to replay authentication sequences, overwrite passwords, or decode passwords.
Critical infrastructure sectors
Commercial Facilities
Countries/areas deployed
Worldwide
Company headquarters location
France
Recommended Practices
NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:
Recommended Practices
NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities. High skill level is needed to exploit.
{
"document": {
"acknowledgments": [
{
"names": [
"Irfan Ahmed",
"Hyunguk Yoo",
"Sushma Kalle",
"Nehal Ameen"
],
"organization": "the University of New Orleans",
"summary": "reporting these vulnerabilities to NCCIC"
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Disclosure is not limited",
"tlp": {
"label": "WHITE",
"url": "https://us-cert.cisa.gov/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov",
"title": "CISA Disclaimer"
},
{
"category": "legal_disclaimer",
"text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.",
"title": "Legal Notice"
},
{
"category": "summary",
"text": "Successful exploitation of these vulnerabilities may allow unauthorized users to replay authentication sequences, overwrite passwords, or decode passwords.",
"title": "Risk evaluation"
},
{
"category": "other",
"text": "Commercial Facilities",
"title": "Critical infrastructure sectors"
},
{
"category": "other",
"text": "Worldwide",
"title": "Countries/areas deployed"
},
{
"category": "other",
"text": "France",
"title": "Company headquarters location"
},
{
"category": "general",
"text": "NCCIC recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Specifically, users should:",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "NCCIC reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.NCCIC also provides a section for control systems security recommended practices on the ICS-CERT web page. Several recommended practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.",
"title": "Recommended Practices"
},
{
"category": "general",
"text": "Additional mitigation guidance and recommended practices are publicly available on the ICS-CERT website in the Technical Information Paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.Organizations observing any suspected malicious activity should follow their established internal procedures and report their findings to NCCIC for tracking and correlation against other incidents.",
"title": "Recommended Practices"
},
{
"category": "other",
"text": "No known public exploits specifically target these vulnerabilities. High skill level is needed to exploit.",
"title": "Exploitability"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870",
"name": "CISA",
"namespace": "https://www.cisa.gov/"
},
"references": [
{
"category": "self",
"summary": "ICS Advisory ICSA-18-240-01 JSON",
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2018/icsa-18-240-01.json"
},
{
"category": "self",
"summary": "ICS Advisory ICSA-18-240-01 Web Version",
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-18-240-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf"
},
{
"category": "external",
"summary": "Recommended Practices",
"url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B"
}
],
"title": "Schneider Electric Modicon M221",
"tracking": {
"current_release_date": "2018-08-28T00:00:00.000000Z",
"generator": {
"engine": {
"name": "CISA CSAF Generator",
"version": "1.0.0"
}
},
"id": "ICSA-18-240-01",
"initial_release_date": "2018-08-28T00:00:00.000000Z",
"revision_history": [
{
"date": "2018-08-28T00:00:00.000000Z",
"legacy_version": "Initial",
"number": "1",
"summary": "ICSA-18-240-01 Schneider Electric Modicon M221"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c 1.6.2.0",
"product": {
"name": "Modicon M221 all references: all versions prior to firmware v1.6.2.0",
"product_id": "CSAFPID-0001"
}
}
],
"category": "product_name",
"name": "Modicon M221 all references"
}
],
"category": "vendor",
"name": "Schneider Electric Software, LLC"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-7790",
"cwe": {
"id": "CWE-204",
"name": "Observable Response Discrepancy"
},
"notes": [
{
"category": "summary",
"text": "This vulnerability allows unauthorized users to replay authentication sequences.If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker may upload the original program from the PLC.CVE-2018-7790 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7790"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "A fix for these vulnerabilities is implemented in Modicon M221 Firmware v1.6.2.0, delivered within SoMachine Basic v1.6 SP2, which is available for download below, or by using Schneider Electric Software Update tool",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SoMachineBasicV1.6SP2/"
},
{
"category": "mitigation",
"details": "As a temporary mitigation, Modicon M221 users should take the following measures: Set up a firewall blocking all remote/external access to Port 502.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Within the Modicon M221 application, users must disable all unused protocols, especially programming protocol, as described in section \u201cConfiguring Ethernet Network\u201d of SoMachine Basic online help. This will prevent remote programming of the M221 PLC.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Schneider Electric\u0027s security notice SEVD-2018-235-01 is available",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-7791",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "This vulnerability allows unauthorized users to overwrite the original password.If an attacker exploits this vulnerability and overwrites the password, the attacker may upload the original program from the PLC.CVE-2018-7791 has been assigned to this vulnerability. A CVSS v3 base score of 7.7 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7791"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "A fix for these vulnerabilities is implemented in Modicon M221 Firmware v1.6.2.0, delivered within SoMachine Basic v1.6 SP2, which is available for download below, or by using Schneider Electric Software Update tool",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SoMachineBasicV1.6SP2/"
},
{
"category": "mitigation",
"details": "As a temporary mitigation, Modicon M221 users should take the following measures: Set up a firewall blocking all remote/external access to Port 502.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Within the Modicon M221 application, users must disable all unused protocols, especially programming protocol, as described in section \u201cConfiguring Ethernet Network\u201d of SoMachine Basic online help. This will prevent remote programming of the M221 PLC.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Schneider Electric\u0027s security notice SEVD-2018-235-01 is available",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
},
{
"cve": "CVE-2018-7792",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "summary",
"text": "This vulnerability allows unauthorized users to decode the password using a rainbow table.CVE-2018-7792 has been assigned to this vulnerability. A CVSS v3 base score of 7.7 has been assigned; the CVSS vector string is (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L).",
"title": "Vulnerability Summary"
}
],
"product_status": {
"known_affected": [
"CSAFPID-0001"
]
},
"references": [
{
"category": "external",
"summary": "web.nvd.nist.gov",
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7792"
},
{
"category": "external",
"summary": "www.first.org",
"url": "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L"
}
],
"remediations": [
{
"category": "mitigation",
"details": "A fix for these vulnerabilities is implemented in Modicon M221 Firmware v1.6.2.0, delivered within SoMachine Basic v1.6 SP2, which is available for download below, or by using Schneider Electric Software Update tool",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SoMachineBasicV1.6SP2/"
},
{
"category": "mitigation",
"details": "As a temporary mitigation, Modicon M221 users should take the following measures: Set up a firewall blocking all remote/external access to Port 502.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Within the Modicon M221 application, users must disable all unused protocols, especially programming protocol, as described in section \u201cConfiguring Ethernet Network\u201d of SoMachine Basic online help. This will prevent remote programming of the M221 PLC.",
"product_ids": [
"CSAFPID-0001"
]
},
{
"category": "mitigation",
"details": "Schneider Electric\u0027s security notice SEVD-2018-235-01 is available",
"product_ids": [
"CSAFPID-0001"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-0001"
]
}
]
}
]
}
fkie_cve-2018-7790
Vulnerability from fkie_nvd
Published
2018-08-29 21:29
Modified
2024-11-21 04:12
Severity ?
Summary
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cybersecurity@se.com | http://www.securityfocus.com/bid/105182 | Third Party Advisory, VDB Entry | |
| cybersecurity@se.com | https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/ | Mitigation, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/105182 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/ | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| schneider-electric | modicon_m221_firmware | * | |
| schneider-electric | modicon_m221 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "55D26878-E5EB-4537-A252-34B3EBB758CC",
"versionEndExcluding": "1.6.2.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BB0D83F4-B718-47AB-AFB8-B576CB138AAC",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad de error de gesti\u00f3n de informaci\u00f3n en el producto Modicon M221, de Schneider Electric (todas las referencias y todas las versiones anteriores al firmware V1.6.2.0). La vulnerabilidad permite que usuarios no autorizados reproduzcan secuencias de autenticaci\u00f3n. Si un atacante explota la vulnerabilidad y se conecta a Modicon M221, el atacante puede subir el programa original desde el PLC."
}
],
"id": "CVE-2018-7790",
"lastModified": "2024-11-21T04:12:44.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-08-29T21:29:01.070",
"references": [
{
"source": "cybersecurity@se.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105182"
},
{
"source": "cybersecurity@se.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105182"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"
}
],
"sourceIdentifier": "cybersecurity@se.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-294"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-xvmg-mf7x-g2hx
Vulnerability from github
Published
2022-05-13 01:04
Modified
2022-05-13 01:04
Severity ?
Details
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.
{
"affected": [],
"aliases": [
"CVE-2018-7790"
],
"database_specific": {
"cwe_ids": [
"CWE-294"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-08-29T21:29:00Z",
"severity": "CRITICAL"
},
"details": "An Information Management Error vulnerability exists in Schneider Electric\u0027s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.",
"id": "GHSA-xvmg-mf7x-g2hx",
"modified": "2022-05-13T01:04:03Z",
"published": "2022-05-13T01:04:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7790"
},
{
"type": "WEB",
"url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105182"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.