Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2017-6026

CWE-3305 documents5 sources
Severity
9.1CRITICAL
EPSS
18.6%
top 4.74%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Schneider-electric Modicon M241 FirmwareSchneider-electric Modicon M251 Firmware
Timeline
PublishedJun 30
Latest updateMay 13

Description

A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the web application are lacking randomization and are shared between several users. This may allow a current session to be compromised.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages3 packages

CVEListV5schneider_electric_modicon_plcsSchneider Electric Modicon PLCs

🔴Vulnerability Details

2
GHSA
GHSA-c4x2-m5w5-m3rx: A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 42022-05-13
CVEList
CVE-2017-6026: A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 42017-06-30

💥Exploits & PoCs

1
Exploit-DB
Schneider Electric PLC - Session Calculation Authentication Bypass2018-11-30

💬Community

1
Bugzilla
CVE-2017-16651 roundcubemail: Unauthorized access to arbitrary files2017-11-10
CVE-2017-6026 (CRITICAL CVSS 9.1) | A Use of Insufficiently Random Valu | cvebase.io