Schneider Electric Modicon Controllers

1. EXECUTIVE SUMMARY

  • CVSS v3 10.0
  • ATTENTION: Exploitable remotely/low attack complexity
  • Vendor: Schneider Electric
  • Equipment: Modicon M580, Modicon M340, Modicon Premium, and Modicon Quantum
  • Vulnerabilities: Trust Boundary Violation, Uncaught Exception, Exposure of Sensitive Information to an Unauthorized Actor, Authentication Bypass by Spoofing, Improper Access Control, Reliance on Untrusted Inputs in a Security Decision, Out-of-bounds Read

2. RISK EVALUATION

Successful exploitation of these vulnerabilities may risk execution of unsolicited commands on the PLC, which could result in a loss of availability of the controller.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

Schneider Electric reports that the following products are affected:

  • Modicon M580: All versions prior to 2.90 (CVE-2018-7846, CVE-2018-7849, CVE-2018-7848, CVE-2018-7842, CVE-2018-7847, CVE-2018-7850, CVE-2018-7853, CVE-2018-7854, CVE-2019-6808, CVE-2019-6828, CVE-2019-6829, CVE-2019-6809)
  • Modicon Momentum CPU (part numbers 171CBU*): All versions (CVE-2018-7857)
  • Modicon Quantum: All versions prior to 3.60 (CVE-2018-7843, CVE-2018-7845, CVE-2018-7852, CVE-2018-7856, CVE-2019-6807)
  • Modicon Quantum: All versions (CVE-2018-7846, CVE-2018-7849, CVE-2018-7848, CVE-2018-7842, CVE-2018-7847, CVE-2018-7850, CVE-2018-7855, CVE-2018-7857, CVE-2019-6806, CVE-2019-6808, CVE-2018-7844, CVE-2019-6828, CVE-2019-6809)
  • Modicon Premium: All versions (CVE-2018-7846, CVE-2018-7849, CVE-2018-7848, CVE-2018-7842, CVE-2018-7847, CVE-2018-7850, CVE-2018-7855, CVE-2018-7857, CVE-2019-6806, CVE-2019-6808, CVE-2018-7844, CVE-2019-6828, CVE-2019-6809)
  • Modicon Premium: All versions prior to 3.60 (CVE-2018-7852, CVE-2019-6807)
  • PLC Simulator for EcoStruxure Control Expert: All versions prior to 15.1 (CVE-2018-7857)
  • Modicon Premium: All versions prior to 3.20 (CVE-2018-7843, CVE-2018-7845, CVE-2018-7852, CVE-2018-7856, CVE-2019-6807)
  • Modicon Momentum Unity M1E Processor (part numbers 171CBU*): All versions prior to SV2.6 (CVE-2018-7857, CVE-2019-6807)
  • Modic

    […]
    Content was cut in order to protect the source. Please visit the source for the rest of the article.

    This article has been indexed from All CISA Advisories