Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2017-7574

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product.

Published

2017-04-06T21:59:00.307

Last Modified

2025-04-20T01:37:25.860

Status

Deferred

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

10.0

Impact Score

6.4

Weaknesses

Type: Primary
CWE-798

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	schneider-electric	modicon_tm221ce16r_firmware	1.3.3.3	Yes
Hardware	schneider-electric	modicon_tm221ce16r	-	No
Application	schneider-electric	somachine	1.4	Yes

References

http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-01 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/97518 Third Party Advisory, VDB Entry ([email protected])
https://os-s.net/advisories/OSS-2017-02.pdf Broken Link ([email protected])
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-01 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/97518 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://os-s.net/advisories/OSS-2017-02.pdf Broken Link (af854a3a-2127-422b-91ae-364da2661108)