Lucene search

[email protected]NVD:CVE-2018-7789

HistoryAug 29, 2018 - 8:29 p.m.

CVE-2018-7789

2018-08-2920:29:00

CWE-754

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

70.0%

JSON

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric’s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.

Affected configurations

NVD

Node

schneider-electricmodicon_m221_firmwareRange<1.6.2.0

AND

schneider-electricmodicon_m221Match-

References

www.securityfocus.com/bid/105171

ics-cert.us-cert.gov/advisories/ICSA-18-240-02

www.schneider-electric.com/en/download/document/SEVD-2018-233-01/

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.003 Low

EPSS

Percentile

70.0%

JSON

Related for NVD:CVE-2018-7789

cve1 ics1 prion1 cvelist1 nessus2