CVE-2018-7790
First published: Wed Aug 29 2018(Updated: )
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Modicon M221 Firmware | <1.6.2.0 | |
| Schneider-electric Modicon M221 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-7790?
CVE-2018-7790 is an Information Management Error vulnerability that exists in Schneider Electric's Modicon M221 product.
What is the severity of CVE-2018-7790?
CVE-2018-7790 has a severity rating of 9.8 (Critical).
How does CVE-2018-7790 affect Schneider Electric's Modicon M221 product?
CVE-2018-7790 allows unauthorized users to replay authentication sequences, potentially compromising the security of the Modicon M221 product.
What is the affected version of Schneider Electric's Modicon M221 firmware for CVE-2018-7790?
All versions of Schneider Electric's Modicon M221 firmware prior to V1.6.2.0 are affected by CVE-2018-7790.
How can I fix CVE-2018-7790?
To fix CVE-2018-7790, you should update Schneider Electric's Modicon M221 firmware to version V1.6.2.0 or later.
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/schneider-electric
- canonical/schneider-electric modicon m221 firmware
- canonical/schneider-electric modicon m221