Vulnerability Description
Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22745, and CVE-2021-22747.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Schneider-Electric | Triconex Model 3009 Mp Firmware | >= 11.3.0, < 11.8.0 |
| Schneider-Electric | Triconex Model 3009 Mp | - |
| Schneider-Electric | Tcm 4351B Firmware | >= 11.3.0, < 11.5.1 |
| Schneider-Electric | Tcm 4351B | - |
Related Weaknesses (CWE)
References
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03Vendor Advisory
- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03Vendor Advisory
FAQ
What is CVE-2021-22746?
CVE-2021-22746 is a vulnerability with a CVSS score of 3.9 (LOW). Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriSta...
How severe is CVE-2021-22746?
CVE-2021-22746 has been rated LOW with a CVSS base score of 3.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-22746?
Check the references section above for vendor advisories and patch information. Affected products include: Schneider-Electric Triconex Model 3009 Mp Firmware, Schneider-Electric Triconex Model 3009 Mp, Schneider-Electric Tcm 4351B Firmware, Schneider-Electric Tcm 4351B.