Vulnerability Description
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Modicon M221 Firmware | < 1.6.2.0 |
| Schneider-Electric | Modicon M221 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105182Third Party AdvisoryVDB Entry
- https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/MitigationVendor Advisory
- http://www.securityfocus.com/bid/105182Third Party AdvisoryVDB Entry
- https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/MitigationVendor Advisory
FAQ
What is CVE-2018-7792?
CVE-2018-7792 is a vulnerability with a CVSS score of 7.5 (HIGH). A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unau...
How severe is CVE-2018-7792?
CVE-2018-7792 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7792?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Modicon M221 Firmware, Schneider-Electric Modicon M221.