CVE-2013-0663: CSRF
First published: Thu Apr 04 2013(Updated: )
Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the authentication of arbitrary users for requests that execute commands, as demonstrated by modifying HTTP credentials.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider Electric Modicon Quantum PLC | =140noe77101 | |
| Schneider Electric Modicon Quantum PLC | =140noe77111 | |
| Schneider Electric Modicon Quantum PLC | =140nwm10000 | |
| Schneider Electric Modicon M340 | =bmxnoc0401 | |
| Schneider Electric Modicon M340 | =bmxnoe011xx | |
| Schneider Electric Modicon M340 | =bmxnoe0100x | |
| Schneider Electric Modicon Premium | =tsxety4103 | |
| Schneider Electric Modicon Premium | =tsxety5103 | |
| Schneider Electric Modicon Premium | =tsxwmy100 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf
- http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/
- http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper
- https://www.exploit-db.com/exploits/44678/
Frequently Asked Questions
What is the severity of CVE-2013-0663?
CVE-2013-0663 is classified as a high-severity vulnerability due to its potential for unauthorized access via CSRF.
How do I fix CVE-2013-0663?
To fix CVE-2013-0663, implement proper CSRF protection mechanisms in your application and apply any updates provided by Schneider Electric.
What systems are affected by CVE-2013-0663?
CVE-2013-0663 affects various Schneider Electric PLC modules including Quantum, M340, and Premium series.
Can CVE-2013-0663 be exploited remotely?
Yes, CVE-2013-0663 can be exploited remotely by attackers to hijack user sessions.
Is there a workaround for CVE-2013-0663?
A possible workaround for CVE-2013-0663 is to restrict access to affected devices and disable any unnecessary web interfaces.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/schneider-electric
- canonical/schneider electric modicon quantum plc
- version/schneider electric modicon quantum plc/140noe77101
- version/schneider electric modicon quantum plc/140noe77111
- version/schneider electric modicon quantum plc/140nwm10000
- canonical/schneider electric modicon m340
- version/schneider electric modicon m340/bmxnoc0401
- version/schneider electric modicon m340/bmxnoe011xx
- version/schneider electric modicon m340/bmxnoe0100x
- canonical/schneider electric modicon premium
- version/schneider electric modicon premium/tsxety4103
- version/schneider electric modicon premium/tsxety5103
- version/schneider electric modicon premium/tsxwmy100