CVE-2013-0664

2013-04-0411:58:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

factorycast

schneider electric

quantum 140noe77111

140nwm10000

m340 bmxnoe0110x

premium tsxety5103

plc modules

remote code execution

cve-2013-0664

nvd

7.1 High

AI Score

Confidence

Low

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

76.9%

JSON

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests.

CPENameOperatorVersion
schneider-electric:modicon_quantum_plcschneider-electric modicon quantum plceq140nwm10000
schneider-electric:modicon_quantum_plcschneider-electric modicon quantum plceq140noe77111
schneider-electric:modicon_m340schneider-electric modicon m340eqbmxnoe0110x
schneider-electric:modicon_premiumschneider-electric modicon premiumeqtsxety5103

CPE	Name	Operator	Version
schneider-electric:modicon_quantum_plc	schneider-electric modicon quantum plc	eq	140nwm10000
schneider-electric:modicon_quantum_plc	schneider-electric modicon quantum plc	eq	140noe77111
schneider-electric:modicon_m340	schneider-electric modicon m340	eq	bmxnoe0110x
schneider-electric:modicon_premium	schneider-electric modicon premium	eq	tsxety5103

References

ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf

www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/

www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper