53 matches found
EUVD-2018-19534
Malware in sbrugna...
EUVD-2018-19533
Malware in sbrugna...
EUVD-2018-19535
Malware in sbrugna...
EUVD-2018-19495
Malware in sbrugna...
CVE-2018-7823
A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message...
CVE-2018-7822
An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic...
CVE-2018-7821
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...
Schneider (CVE-2018-7821)
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated. This plugin only works wit...
Schneider Electric Modicon Incorrect Default Permissions (CVE-2018-7822)
An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic. This...
Schneider Electric Modicon M221 Information Management Errors (CVE-2018-7790)
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a...
Schneider Electric Modicon M221 Permissions, Privileges, and Access Controls (CVE-2018-7792)
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to decode the password using rainbow table. This plugin only works with Tenable.ot...
Schneider Electric Modicon Remote Launch (CVE-2018-7823)
A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message. This plugin only works with Tenable.ot. Please visit...
Schneider Electric Modicon M221 PLCs and SoMachine Basic Protection Mechanism Failure (CVE-2017-7575)
Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port 502/tcp. Subsequently the application may be arbitrarily downloaded, modified, and uploaded...
Schneider Electric Modicon M221 PLCs and SoMachine Basic Use of Hard-Coded Cryptographic Key (CVE-2017-7574)
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded- key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML...
Schneider Electric SoMachine Basic
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schneider Electric Equipment: SoMachine Basic Vulnerability: Improper Restriction of XML External Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability may result in...
Schneider Electric EcoStruxure Machine Expert-Basic or SoMachine Basic Injection Vulnerability
Schneider Electric EcoStruxure Machine Expert-Basic and SoMachine Basic are both products of Schneider Electric, France.Schneider Electric EcoStruxure Machine Expert-Basic is a PLC configuration application. The program is mainly used for programmable logic controller configuration, programming a...
PT-2020-19607
Name of the Vulnerable Software and Affected Versions EcoStruxure Machine Expert – Basic or SoMachine Basic programming software affected versions not specified Description A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' issue exists, whi...
Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 License Issue Vulnerability
Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 are both products of Schneider Electric, France.Schneider Electric SoMachine Basic is a suite of software for programming logic controllers. The Schneider Electric Modicon M221 is a programmable logic controller. An...
Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 Input Validation Error Vulnerability
Schneider Electric SoMachine Basic and Schneider Electric Modicon M221 are both products of Schneider Electric, France.Schneider Electric SoMachine Basic is a suite of software for programming logic controllers. The Schneider Electric Modicon M221 is a programmable logic controller. An input...
CVE-2018-7821
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...