CVE-2018-7792
First published: Wed Aug 29 2018(Updated: )
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table.
Credit: cybersecurity@se.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Schneider-electric Modicon M221 Firmware | <1.6.2.0 | |
| Schneider-electric Modicon M221 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-7792?
CVE-2018-7792 is a Permissions, Privileges, and Access Control vulnerability in Schneider Electric's Modicon M221 product.
How does CVE-2018-7792 affect Schneider Electric's Modicon M221 product?
CVE-2018-7792 allows unauthorized users to decode the password using a rainbow table.
What is the severity of CVE-2018-7792?
CVE-2018-7792 has a severity rating of 7.5 (high).
How can I fix CVE-2018-7792?
To fix CVE-2018-7792, upgrade your Schneider Electric Modicon M221 firmware to version 1.6.2.0 or later.
Where can I find more information about CVE-2018-7792?
For more information about CVE-2018-7792, you can refer to the following resources: [SecurityFocus](http://www.securityfocus.com/bid/105182) and [Schneider Electric](https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/).
- collector/nvd-index
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/weakness
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/softwarecombine
- vendor/schneider-electric
- canonical/schneider-electric modicon m221 firmware
- canonical/schneider-electric modicon m221