Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

NVD
NVDadded 2020/11/19 10:15 p.m.11 views

CVE-2020-7566

A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

7.3CVSS7AI score0.00046EPSS
Exploits0References2
Prion
Prionadded 2020/11/19 10:15 p.m.14 views

Design/Logic Flaw

A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

4.3CVSS7AI score0.00046EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2020/11/19 9:10 p.m.1 views

CVE-2020-7568

A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 all references, all versions that could allow non sensitive information disclosure when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221...

5.8AI score0.00057EPSS
Exploits0References2
CVE
CVEadded 2020/11/19 9:10 p.m.61 views

CVE-2020-7567

CVE-2020-7567 targets Schneider Electric Modicon M221 PLCs. A missing encryption of sensitive data vulnerability could allow an attacker who captures traffic between EcoStruxure Machine-Basic software and the M221 controller to break encryption keys and obtain password hashes. Affected: Modicon M...

7.1CVSS5.5AI score0.00022EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2020/11/19 9:10 p.m.1 views

CVE-2020-7566

A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

7.1AI score0.00046EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2020/11/19 9:10 p.m.1 views

CVE-2020-7565

A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

7.1AI score0.00022EPSS
Exploits0References2
CVE
CVEadded 2020/11/19 9:10 p.m.66 views

CVE-2020-7565

CVE-2020-7565 affects Schneider Electric Modicon M221 PLCs (all versions) and is about Inadequate Encryption Strength (CWE-326). The root cause is weakness in cryptographic protection that could allow an attacker to break the encryption key when intercepting traffic between EcoStruxure Machine - ...

7.3CVSS7AI score0.00022EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2020/11/19 9:10 p.m.14 views

CVE-2020-7565

A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 all references, all versions that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller...

7.1AI score0.00022EPSS
Exploits0References2
CNNVD
CNNVDadded 2020/11/19 12:0 a.m.2 views

Schneider Electric Modicon M221 Information Disclosure Vulnerability

The Schneider Electric Modicon M221 is a programmable logic controller from Schneider Electric, France. The Modicon M221 suffers from an information disclosure vulnerability that originates from the presence of a sensitive information exposure to an unauthorized Actor vulnerability that can be...

4.3CVSS5.8AI score0.00057EPSS
Exploits0References3
CNNVD
CNNVDadded 2020/11/19 12:0 a.m.2 views

Schneider Electric Modicon M221 Security Breach

The Schneider Electric Modicon M221 is a programmable logic controller from Schneider Electric, France. The Modicon M221 suffers from a security vulnerability that stems from a sensitive data vulnerability encryption gap that can be exploited by an attacker to find a password hash after capturing...

5.7CVSS6.2AI score0.00022EPSS
Exploits0References3
Positive Technologies
Positive Technologiesadded 2020/11/10 12:0 a.m.3 views

PT-2020-6348

Name of the Vulnerable Software and Affected Versions Modicon M221 all versions Modicon M100 affected versions not specified Modicon M200 affected versions not specified Description A CWE-326: Inadequate Encryption Strength issue exists that could allow an attacker to break the encryption key whe...

7.8CVSS7.1AI score0.00022EPSS
Exploits0References11
Vulnrichment
Vulnrichmentadded 2020/04/22 6:15 p.m.1 views

CVE-2020-7489

A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software versions in security notification. The result of this vulnerability, DLL substitution, coul...

7.4AI score0.0067EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2017/04/06 12:0 a.m.4 views

PT-2017-17809

Name of the Vulnerable Software and Affected Versions Schneider Electric SoMachine Basic version 1.4 SP1 Schneider Electric Modicon TM221CE16R version 1.3.3.3 Description The issue concerns a hardcoded-key vulnerability in the Project Protection feature, which is used to prevent unauthorized acce...

10CVSS7.3AI score0.0027EPSS
Exploits0References7
Rows per page
Query Builder