EUVD-2019-16374

Malware in sbrugna...

The vulnerability of microprogrammed software in Modicon, ATV IMC, and PacDrive programmable logic controllers lies in the lack of authentication for a critical function, allowing an intruder to alter the device’s configuration.

The vulnerability of microprogrammed software in Modicon, ATV IMC, and PacDrive programmable logic controllers is related to the absence of authentication for the critical function. Exploiting this vulnerability allows a malicious actor to remotely alter the device’s configuration IP address,...

CVE-2019-6820

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration IP address, network mask and gateway IP address when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC...

CVE-2019-6820

A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration IP address, network mask and gateway IP address when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC...

CVE-2019-6820

CVE-2019-6820 describes a CWE-306 vulnerability (Missing Authentication for a Critical Function) that could allow modification of device IP configuration (IP address, netmask, gateway) when a specific Ethernet frame is received on multiple Schneider Electric Modicon/drive products. Affected produ...

Access Control Error Vulnerability in Multiple Schneider Electric Products

Schneider Electric Modicon M100 is a programmable logic controller, Schneider Electric Modicon LMC078 is a motion controller, and Schneider Electric ATV IMC drive controller is a drive controller. Schneider Electric Modicon M100 is a programmable logic controller.Schneider Electric Modicon LMC078...