Vulnerability Description
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Modicon M221 Firmware | < 1.6.2.0 |
| Schneider-Electric | Modicon M221 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105171Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-240-02MitigationThird Party AdvisoryUS Government Resource
- https://www.schneider-electric.com/en/download/document/SEVD-2018-233-01/MitigationVendor Advisory
- http://www.securityfocus.com/bid/105171Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-18-240-02MitigationThird Party AdvisoryUS Government Resource
- https://www.schneider-electric.com/en/download/document/SEVD-2018-233-01/MitigationVendor Advisory
FAQ
What is CVE-2018-7789?
CVE-2018-7789 is a vulnerability with a CVSS score of 7.5 (HIGH). An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability a...
How severe is CVE-2018-7789?
CVE-2018-7789 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7789?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Modicon M221 Firmware, Schneider-Electric Modicon M221.