Lucene search
HistoryDec 17, 2011 - 11:55 a.m.
CVE-2011-4861
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
83.2%
The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502.
Affected configurations
Node
schneider-electricquantum_ethernet_module_140noe77100Range≤3.3
ORschneider-electricquantum_ethernet_module_140noe77100Range≤3.4
ORschneider-electricquantum_ethernet_module_140noe77101Range≤4.9
ORschneider-electricquantum_ethernet_module_140noe77111Range≤5.0
Related
nessus
nessus
prion
prion
Code injection
2011-12-17 11:55:00
cvelist
cvelist
CVE-2011-4861
2022-10-03 16:15:13
cve
cve
CVE-2011-4861
2022-10-03 16:15:13
openvas
openvas
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (Telnet)
2011-12-14 00:00:00
Schneider Electric Quantum Ethernet Module Hardcoded Credentials (FTP)
2011-12-14 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
83.2%
Related for NVD:CVE-2011-4861