53 matches found
CVE-2018-7823
A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message...
CVE-2018-7823
A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message...
CVE-2018-7822
An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic...
CVE-2018-7821
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...
CVE-2018-7822
An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic...
Code injection
A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message...
Default configuration
An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic...
Code injection
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...
CVE-2018-7823
A Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause remote launch of SoMachine Basic when sending crafted ethernet message...
CVE-2018-7823
CVE-2018-7823 affects Schneider Electric SoMachine Basic (all versions) and Modicon M221 prior to firmware v1.10.0.0, with a vulnerability that could cause remote launch of SoMachine Basic when a crafted Ethernet message is sent. Public sources in the connected documents confirm the affected prod...
CVE-2018-7822
The CVE-2018-7822 entry describes an Incorrect Default Permissions (CWE-276) vulnerability in Schneider Electric SoMachine Basic (all versions) and Modicon M221 prior to firmware v1.10.0.0. The root cause is improper default permissions on SoMachine Basic resource files on the system hosting SoMa...
CVE-2018-7822
An Incorrect Default Permissions CWE-276 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic...
CVE-2018-7821
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...
CVE-2018-7821
An Environment CWE-2 vulnerability exists in SoMachine Basic, all versions, and Modicon M221all references, all versions prior to firmware V1.10.0.0 which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated...
CVE-2018-7821
CVE-2018-7821 affects Schneider Electric SoMachine Basic (all versions) and Modicon M221 prior to firmware v1.10.0.0. The root cause is an environment-type vulnerability that could cause a cycle time impact by flooding the M221 Ethernet interface when the Ethernet/IP adapter is activated. The con...
PT-2019-1482
Name of the Vulnerable Software and Affected Versions Modicon M221 versions prior to V1.10.0.0 SoMachine Basic affected versions not specified Description The issue is related to an incorrect configuration of the Ethernet interface in the Modicon M221 programmable logic controller when the...
High-Severity Flaws Patched in Schneider Electric Products
Schneider Electric has released fixes for a slew of vulnerabilities that can be exploited remotely in two of its industrial control system products. The two flaws, which exist in Schneider Electric’s power management system, PowerLogic PM5560, and its programmable logic controller, Modicon M221,...
Schneider Electric Modicon M221
1. EXECUTIVE SUMMARY CVSS v3 4.8 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: Modicon M221 Vulnerability: Improper Check for Unusual or Exceptional Conditions 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthorized user to remotely...
Schneider Electric SoMachine Basic XML External Entity Injection Vulnerability
Schneider Electric SoMachine Basic is a software for programming and debugging components on a control platform from the French company Schneider Electric Schneider Electric. An XML external entity injection vulnerability exists in Schneider Electric SoMachine Basic version 1.6 SP1, which stems...
CVE-2018-7783
Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity XXE vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band OOB attack. The vulnerability is triggered when input...