Vulnerability Description
A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Foxboro Dcs | < ccs_9.4 |
| Schneider-Electric | Foxboro Evo | < ccs_9.4 |
| Schneider-Electric | Foxview | 10.5 |
| Schneider-Electric | Ia Series | < ccs_9.4 |
References
- https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/Vendor Advisory
- https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03/Vendor Advisory
FAQ
What is CVE-2018-7793?
CVE-2018-7793 is a vulnerability with a CVSS score of 8.7 (HIGH). A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) whic...
How severe is CVE-2018-7793?
CVE-2018-7793 has been rated HIGH with a CVSS base score of 8.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-7793?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Foxboro Dcs, Schneider-Electric Foxboro Evo, Schneider-Electric Foxview, Schneider-Electric Ia Series.