Vulnerability Description
Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Modicon Quantum Plc | - |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/47723Not Applicable
- http://www.securityfocus.com/bid/51605Third Party AdvisoryVDB Entry
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdfBroken Link
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72586Third Party AdvisoryVDB Entry
- https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-12-020-03Third Party AdvisoryUS Government Resource
- http://secunia.com/advisories/47723Not Applicable
- http://www.securityfocus.com/bid/51605Third Party AdvisoryVDB Entry
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdfBroken Link
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72586Third Party AdvisoryVDB Entry
- https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-12-020-03Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2012-0931?
CVE-2012-0931 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code...
How severe is CVE-2012-0931?
CVE-2012-0931 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2012-0931?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Modicon Quantum Plc.