Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4861
cve-2011-4861
schneider electric
quantum ethernet module
noe 771
firmware update
modbus 125
tcp port 502
remote attack
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
83.2%
The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502.
Affected configurations
Node
schneider-electricquantum_ethernet_module_140noe77100Range≤3.3
ORschneider-electricquantum_ethernet_module_140noe77100Range≤3.4
ORschneider-electricquantum_ethernet_module_140noe77101Range≤4.9
ORschneider-electricquantum_ethernet_module_140noe77111Range≤5.0
Related
nvd
nvd
CVE-2011-4861
2011-12-17 11:55:12
cvelist
cvelist
CVE-2011-4861
2022-10-03 16:15:13
nessus
nessus
prion
prion
Code injection
2011-12-17 11:55:00
openvas
openvas
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (Telnet)
2011-12-14 00:00:00
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (FTP)
2011-12-14 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.1 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
83.2%
Related for CVE-2011-4861