CVE-2018-7242: Weak Encryption
First published: Wed Apr 18 2018(Updated: )
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| schneider-electric BMXNOR0200 | ||
| schneider-electric BMXNOR0200 firmware | ||
| Schneider Electric BMXNOR0200H Firmware | ||
| Schneider Electric BMXNOR200H | ||
| Schneider Electric 140CPU65150 Firmware | ||
| Schneider Electric 140CPU65150 Firmware | ||
| Schneider Electric 140CPU31110 | ||
| Schneider Electric 140CPU31110 | ||
| Schneider Electric 140CPU43412U | ||
| Schneider Electric 140CPU43412U | ||
| Schneider Electric 140CPU65160 Firmware | ||
| Schneider Electric 140CPU65160 | ||
| Schneider Electric 140CPU65260 Firmware | ||
| Schneider Electric 140CPU65260C | ||
| Schneider Electric 140CPU65860 | ||
| Schneider Electric 140CPU65860 | ||
| Schneider Electric 140CPU65160S Firmware | ||
| Schneider Electric 140CPU65160S Firmware | ||
| Schneider Electric 140CPU65150C Firmware | ||
| Schneider Electric 140CPU65150C | ||
| Schneider Electric 140CPU31110 | ||
| schneider-electric 140cpu31110c | ||
| Schneider Electric 140CPU43412UC | ||
| Schneider Electric 140CPU43412UC | ||
| Schneider Electric 140CPU65160C Firmware | ||
| Schneider Electric 140CPU65160C | ||
| Schneider Electric 140CPU65260C Firmware | ||
| Schneider Electric 140CPU65260C Firmware | ||
| Schneider Electric 140CPU65860C Firmware | ||
| Schneider Electric 140CPU65860C | ||
| Schneider Electric BMXP341000 Firmware | ||
| Schneider Electric BMXP341000 Firmware | ||
| Schneider Electric BMXP342000 Firmware | ||
| Schneider Electric BMXP342000 Firmware | ||
| Schneider Electric BMXP3420102 Firmware | ||
| Schneider Electric BMXP3420102 Firmware | ||
| schneider-electric bmxp3420102cl firmware | ||
| Schneider Electric BMXP3420102CL | ||
| schneider-electric BMXP342020H firmware | ||
| schneider-electric BMXP342020H firmware | ||
| Schneider Electric BMXP3420302H firmware | ||
| Schneider Electric BMXP3420302H firmware | ||
| Schneider Electric BMXP3420302CL Firmware | ||
| Schneider Electric BMXP3420302CL Firmware | ||
| Schneider Electric BMXP3420302H firmware | ||
| Schneider Electric BMXP3420302H firmware | ||
| schneider-electric BMXP342020H firmware | ||
| schneider-electric BMXP342020H firmware | ||
| Schneider Electric BMXP341000H Firmware | ||
| Schneider Electric BMXP341000H Firmware | ||
| Schneider Electric TSXH5724M | ||
| schneider-electric tsxh5724m firmware | ||
| Schneider Electric TSXH5744M Firmware | ||
| Schneider Electric TSXH5744M Firmware | ||
| Schneider Electric TSXP57104M | ||
| Schneider Electric TSXp57104MC | ||
| Schneider Electric TSXP57154M Firmware | ||
| Schneider Electric TSXP57154M | ||
| schneider-electric tsxp571634mc firmware | ||
| Schneider Electric TSXP571634M Firmware | ||
| Schneider Electric TSXP57204M Firmware | ||
| Schneider Electric TSXP57204M | ||
| schneider-electric tsxp57254m firmware | ||
| schneider-electric tsxp57254m firmware | ||
| Schneider Electric TSXP572634M Firmware | ||
| Schneider Electric TSXP572634M | ||
| Schneider Electric TSXP57304M Firmware | ||
| Schneider Electric TSXP57304M Firmware | ||
| schneider-electric tsxp57354m firmware | ||
| Schneider Electric TSXP57354MC | ||
| Schneider Electric TSXP573634M Firmware | ||
| Schneider Electric TSXP573634M | ||
| Schneider Electric TSXP57454M Firmware | ||
| Schneider Electric TSXP57454M | ||
| schneider-electric tsxp574634m firmware | ||
| Schneider Electric TSXP574634M | ||
| schneider-electric tsxp575634m firmware | ||
| Schneider Electric TSXP575634M | ||
| schneider-electric tsxp576634mc firmware | ||
| schneider-electric tsxp576634m firmware | ||
| Schneider Electric TSXH5724MC Firmware | ||
| Schneider Electric TSXH5724MC | ||
| Schneider Electric TSXH5744M Firmware | ||
| Schneider Electric TSXH5744MC | ||
| Schneider Electric TSXP57104MC Firmware | ||
| Schneider Electric TSXP57104MC Firmware | ||
| Schneider Electric TSXP57154MC Firmware | ||
| Schneider Electric TSXP 57154MC | ||
| Schneider Electric TSXP571634M Firmware | ||
| Schneider Electric TSXP571634MC | ||
| schneider-electric tsxp57204mc firmware | ||
| schneider-electric tsxp57204mc firmware | ||
| schneider-electric tsxp57254mc firmware | ||
| schneider-electric tsxp57254mc firmware | ||
| schneider-electric tsxp572634mc firmware | ||
| Schneider Electric TSXP572634MC | ||
| Schneider Electric TSXP57304MC | ||
| schneider-electric tsxp57304mc firmware | ||
| Schneider Electric TSXP57354MC | ||
| schneider-electric tsxp57354mc firmware | ||
| Schneider Electric TSXP573634MC Firmware | ||
| Schneider Electric TSXP573634MC | ||
| schneider-electric tsxp57454mc firmware | ||
| schneider-electric tsxp57454mc firmware | ||
| schneider-electric tsxp574634mc firmware | ||
| Schneider Electric TSXP574634MC | ||
| Schneider Electric TSX P57554M Firmware | ||
| Schneider Electric TSXP57554M | ||
| schneider-electric tsxp575634mc firmware | ||
| schneider-electric tsxp575634mc firmware | ||
| schneider-electric tsxp576634mc firmware | ||
| schneider-electric tsxp576634mc firmware | ||
| Schneider Electric TSX P57554M Firmware | ||
| Schneider Electric TSXP57554M | ||
| All of | ||
| schneider-electric BMXNOR0200 | ||
| schneider-electric BMXNOR0200 firmware | ||
| All of | ||
| Schneider Electric BMXNOR0200H Firmware | ||
| Schneider Electric BMXNOR200H | ||
| All of | ||
| Schneider Electric 140CPU65150 Firmware | ||
| Schneider Electric 140CPU65150 Firmware | ||
| All of | ||
| Schneider Electric 140CPU31110 | ||
| Schneider Electric 140CPU31110 | ||
| All of | ||
| Schneider Electric 140CPU43412U | ||
| Schneider Electric 140CPU43412U | ||
| All of | ||
| Schneider Electric 140CPU65160 Firmware | ||
| Schneider Electric 140CPU65160 | ||
| All of | ||
| Schneider Electric 140CPU65260 Firmware | ||
| Schneider Electric 140CPU65260C | ||
| All of | ||
| Schneider Electric 140CPU65860 | ||
| Schneider Electric 140CPU65860 | ||
| All of | ||
| Schneider Electric 140CPU65160S Firmware | ||
| Schneider Electric 140CPU65160S Firmware | ||
| All of | ||
| Schneider Electric 140CPU65150C Firmware | ||
| Schneider Electric 140CPU65150C | ||
| All of | ||
| Schneider Electric 140CPU31110 | ||
| schneider-electric 140cpu31110c | ||
| All of | ||
| Schneider Electric 140CPU43412UC | ||
| Schneider Electric 140CPU43412UC | ||
| All of | ||
| Schneider Electric 140CPU65160C Firmware | ||
| Schneider Electric 140CPU65160C | ||
| All of | ||
| Schneider Electric 140CPU65260C Firmware | ||
| Schneider Electric 140CPU65260C Firmware | ||
| All of | ||
| Schneider Electric 140CPU65860C Firmware | ||
| Schneider Electric 140CPU65860C | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP341000 Firmware | ||
| Schneider Electric Modicon M340 BMXP341000 | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP342000 Firmware | ||
| Schneider Electric Modicon M340 BMXP342000 Firmware | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP3420102 Firmware | ||
| Schneider Electric Modicon M340 BMXP3420102 | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP3420102CL Firmware | ||
| Schneider Electric Modicon M340 BMXP3420102CL Firmware | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP342020 Firmware | ||
| Schneider Electric Modicon M340 BMXP342020 | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP3420302 Firmware | ||
| Schneider Electric Modicon M340 BMXP3420302 Firmware | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP3420302 Firmware | ||
| Schneider Electric Modicon M340 BMXP3420302CL | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP3420302H Firmware | ||
| Schneider Electric Modicon M340 BMXP3420302H Firmware | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP342020H Firmware | ||
| Schneider Electric Modicon M340 BMXP342020H | ||
| All of | ||
| Schneider Electric Modicon M340 BMXP341000H Firmware | ||
| Schneider Electric Modicon M340 BMXP341000H | ||
| All of | ||
| Schneider Electric TSXH5724M | ||
| schneider-electric tsxh5724m firmware | ||
| All of | ||
| Schneider Electric TSXH5744M Firmware | ||
| Schneider Electric TSXH5744M Firmware | ||
| All of | ||
| Schneider Electric TSXP57104M | ||
| Schneider Electric TSXp57104MC | ||
| All of | ||
| Schneider Electric TSXP57154M Firmware | ||
| Schneider Electric TSXP57154M | ||
| All of | ||
| schneider-electric tsxp571634mc firmware | ||
| Schneider Electric TSXP571634M Firmware | ||
| All of | ||
| Schneider Electric TSXP57204M Firmware | ||
| Schneider Electric TSXP57204M | ||
| All of | ||
| schneider-electric tsxp57254m firmware | ||
| schneider-electric tsxp57254m firmware | ||
| All of | ||
| Schneider Electric TSXP572634M Firmware | ||
| Schneider Electric TSXP572634M | ||
| All of | ||
| Schneider Electric TSXP57304M Firmware | ||
| Schneider Electric TSXP57304M Firmware | ||
| All of | ||
| schneider-electric tsxp57354m firmware | ||
| Schneider Electric TSXP57354MC | ||
| All of | ||
| Schneider Electric TSXP573634M Firmware | ||
| Schneider Electric TSXP573634M | ||
| All of | ||
| Schneider Electric TSXP57454M Firmware | ||
| Schneider Electric TSXP57454M | ||
| All of | ||
| schneider-electric tsxp574634m firmware | ||
| Schneider Electric TSXP574634M | ||
| All of | ||
| schneider-electric tsxp575634m firmware | ||
| Schneider Electric TSXP575634M | ||
| All of | ||
| schneider-electric tsxp576634mc firmware | ||
| schneider-electric tsxp576634m firmware | ||
| All of | ||
| Schneider Electric TSXH5724MC Firmware | ||
| Schneider Electric TSXH5724MC | ||
| All of | ||
| Schneider Electric TSXH5744M Firmware | ||
| Schneider Electric TSXH5744MC | ||
| All of | ||
| Schneider Electric TSXP57104MC Firmware | ||
| Schneider Electric TSXP57104MC Firmware | ||
| All of | ||
| Schneider Electric TSXP57154MC Firmware | ||
| Schneider Electric TSXP 57154MC | ||
| All of | ||
| Schneider Electric TSXP571634M Firmware | ||
| Schneider Electric TSXP571634MC | ||
| All of | ||
| schneider-electric tsxp57204mc firmware | ||
| schneider-electric tsxp57204mc firmware | ||
| All of | ||
| schneider-electric tsxp57254mc firmware | ||
| schneider-electric tsxp57254mc firmware | ||
| All of | ||
| schneider-electric tsxp572634mc firmware | ||
| Schneider Electric TSXP572634MC | ||
| All of | ||
| Schneider Electric TSXP57304MC | ||
| schneider-electric tsxp57304mc firmware | ||
| All of | ||
| Schneider Electric TSXP57354MC | ||
| schneider-electric tsxp57354mc firmware | ||
| All of | ||
| Schneider Electric TSXP573634MC Firmware | ||
| Schneider Electric TSXP573634MC | ||
| All of | ||
| schneider-electric tsxp57454mc firmware | ||
| schneider-electric tsxp57454mc firmware | ||
| All of | ||
| schneider-electric tsxp574634mc firmware | ||
| Schneider Electric TSXP574634MC | ||
| All of | ||
| Schneider Electric TSX P57554M Firmware | ||
| Schneider Electric TSXP57554M | ||
| All of | ||
| schneider-electric tsxp575634mc firmware | ||
| schneider-electric tsxp575634mc firmware | ||
| All of | ||
| schneider-electric tsxp576634mc firmware | ||
| schneider-electric tsxp576634mc firmware | ||
| All of | ||
| Schneider Electric TSX P57554M Firmware | ||
| Schneider Electric TSXP57554M |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-7242?
The severity of CVE-2018-7242 is classified as high due to the potential for hash collision attacks against vulnerable password encryption methods.
How do I fix CVE-2018-7242?
To fix CVE-2018-7242, update the firmware of the affected Schneider Electric controllers to a version that does not utilize the vulnerable hash algorithms.
Which devices are affected by CVE-2018-7242?
CVE-2018-7242 affects Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers across all firmware versions.
What are the potential impacts of CVE-2018-7242?
The potential impacts of CVE-2018-7242 include unauthorized access to systems and data breaches due to exploited weaknesses in password hashing.
Is CVE-2018-7242 actively exploited in the wild?
There have been reports of CVE-2018-7242 being actively exploited, highlighting the importance of remediation for affected devices.
- agent/type
- agent/severity
- agent/references
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/author
- vendor/schneider-electric
- canonical/schneider-electric bmxnor0200
- canonical/schneider-electric bmxnor0200 firmware
- canonical/schneider electric bmxnor0200h firmware
- canonical/schneider electric bmxnor200h
- canonical/schneider electric 140cpu65150 firmware
- canonical/schneider electric 140cpu31110
- canonical/schneider electric 140cpu43412u
- canonical/schneider electric 140cpu65160 firmware
- canonical/schneider electric 140cpu65160
- canonical/schneider electric 140cpu65260 firmware
- canonical/schneider electric 140cpu65260c
- canonical/schneider electric 140cpu65860
- canonical/schneider electric 140cpu65160s firmware
- canonical/schneider electric 140cpu65150c firmware
- canonical/schneider electric 140cpu65150c
- canonical/schneider-electric 140cpu31110c
- canonical/schneider electric 140cpu43412uc
- canonical/schneider electric 140cpu65160c firmware
- canonical/schneider electric 140cpu65160c
- canonical/schneider electric 140cpu65260c firmware
- canonical/schneider electric 140cpu65860c firmware
- canonical/schneider electric 140cpu65860c
- canonical/schneider electric bmxp341000 firmware
- canonical/schneider electric bmxp342000 firmware
- canonical/schneider electric bmxp3420102 firmware
- canonical/schneider-electric bmxp3420102cl firmware
- canonical/schneider electric bmxp3420102cl
- canonical/schneider-electric bmxp342020h firmware
- canonical/schneider electric bmxp3420302h firmware
- canonical/schneider electric bmxp3420302cl firmware
- canonical/schneider electric bmxp341000h firmware
- canonical/schneider electric tsxh5724m
- canonical/schneider-electric tsxh5724m firmware
- canonical/schneider electric tsxh5744m firmware
- canonical/schneider electric tsxp57104m
- canonical/schneider electric tsxp57104mc
- canonical/schneider electric tsxp57154m firmware
- canonical/schneider electric tsxp57154m
- canonical/schneider-electric tsxp571634mc firmware
- canonical/schneider electric tsxp571634m firmware
- canonical/schneider electric tsxp57204m firmware
- canonical/schneider electric tsxp57204m
- canonical/schneider-electric tsxp57254m firmware
- canonical/schneider electric tsxp572634m firmware
- canonical/schneider electric tsxp572634m
- canonical/schneider electric tsxp57304m firmware
- canonical/schneider-electric tsxp57354m firmware
- canonical/schneider electric tsxp57354mc
- canonical/schneider electric tsxp573634m firmware
- canonical/schneider electric tsxp573634m
- canonical/schneider electric tsxp57454m firmware
- canonical/schneider electric tsxp57454m
- canonical/schneider-electric tsxp574634m firmware
- canonical/schneider electric tsxp574634m
- canonical/schneider-electric tsxp575634m firmware
- canonical/schneider electric tsxp575634m
- canonical/schneider-electric tsxp576634mc firmware
- canonical/schneider-electric tsxp576634m firmware
- canonical/schneider electric tsxh5724mc firmware
- canonical/schneider electric tsxh5724mc
- canonical/schneider electric tsxh5744mc
- canonical/schneider electric tsxp57104mc firmware
- canonical/schneider electric tsxp57154mc firmware
- canonical/schneider electric tsxp 57154mc
- canonical/schneider electric tsxp571634mc
- canonical/schneider-electric tsxp57204mc firmware
- canonical/schneider-electric tsxp57254mc firmware
- canonical/schneider-electric tsxp572634mc firmware
- canonical/schneider electric tsxp572634mc
- canonical/schneider electric tsxp57304mc
- canonical/schneider-electric tsxp57304mc firmware
- canonical/schneider-electric tsxp57354mc firmware
- canonical/schneider electric tsxp573634mc firmware
- canonical/schneider electric tsxp573634mc
- canonical/schneider-electric tsxp57454mc firmware
- canonical/schneider-electric tsxp574634mc firmware
- canonical/schneider electric tsxp574634mc
- canonical/schneider electric tsx p57554m firmware
- canonical/schneider electric tsxp57554m
- canonical/schneider-electric tsxp575634mc firmware
- canonical/schneider electric modicon m340 bmxp341000 firmware
- canonical/schneider electric modicon m340 bmxp341000
- canonical/schneider electric modicon m340 bmxp342000 firmware
- canonical/schneider electric modicon m340 bmxp3420102 firmware
- canonical/schneider electric modicon m340 bmxp3420102
- canonical/schneider electric modicon m340 bmxp3420102cl firmware
- canonical/schneider electric modicon m340 bmxp342020 firmware
- canonical/schneider electric modicon m340 bmxp342020
- canonical/schneider electric modicon m340 bmxp3420302 firmware
- canonical/schneider electric modicon m340 bmxp3420302cl
- canonical/schneider electric modicon m340 bmxp3420302h firmware
- canonical/schneider electric modicon m340 bmxp342020h firmware
- canonical/schneider electric modicon m340 bmxp342020h
- canonical/schneider electric modicon m340 bmxp341000h firmware
- canonical/schneider electric modicon m340 bmxp341000h