CVE-2018-7789

CWE-7543 documents3 sources

Severity

7.5HIGH

EPSS

0.7%

top 28.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Schneider-electric Modicon M221 Firmware

Timeline

PublishedAug 29

Latest updateMay 13

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

▶NVDschneider-electric/modicon_m221_firmware< 1.6.2.0

🔴Vulnerability Details

GHSA

GHSA-mw2w-h237-7rhw: An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all version↗2022-05-13

▶

CVEList

CVE-2018-7789: An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all version↗2018-08-29

▶