CVE-2018-7803 — MEDIUM (5.9)

Vulnerability Description

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an attack only while running in off-line mode. This vulnerability does not exist in Triconex hardware products and therefore has no effect on the operating safety functions in a plant.

CVSS Score

5.9

MEDIUM

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Schneider-Electric	Triconex Tristation Emulator	1.2.0

Related Weaknesses (CWE)

CWE-754

References

https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-071-03Vendor Advisory
https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-071-03Vendor Advisory

FAQ

What is CVE-2018-7803?

CVE-2018-7803 is a vulnerability with a CVSS score of 5.9 (MEDIUM). A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted pac...

How severe is CVE-2018-7803?

CVE-2018-7803 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-7803?

Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Triconex Tristation Emulator.