Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-7789

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.

Published

2018-08-29T20:29:00.343

Last Modified

2024-11-21T04:12:44.300

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: COMPLETE
Exploitability Score

10.0

Impact Score

6.9

Weaknesses
  • Type: Primary
    CWE-754
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System schneider-electric modicon_m221_firmware < 1.6.2.0 Yes
Hardware schneider-electric modicon_m221 - No
References