SB2019052222 - Multiple vulnerabilities in Schneider Electric Modicon Controllers

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019052222

SB2019052222 - Multiple vulnerabilities in Schneider Electric Modicon Controllers

Published: May 22, 2019 Updated: November 7, 2019

Security Bulletin ID SB2019052222
CSH Severity
Medium
Patch available
NO
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 vulnerabilities.


1) Use of insufficiently random values (CVE-ID: CVE-2019-6821)

CWE-ID: CWE-330 - Use of Insufficiently Random Values

CVSSv4: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to guess the next generated value and impersonate another user or access sensitive information.

The vulnerability exists due to the device has predictable TCP initial sequence numbers.
A remote attacker can hijack TCP connection carrying unsecured communication and cause information leakage.

2) File and Directory Information Exposure (CVE-ID: CVE-2019-6851)

CWE-ID: CWE-538 - File And Directory Information Exposure

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to gain access to sensitive information on the target system.

The vulnerability exists due to the affected software stores sensitive information in files or directories that are accessible to actors outside of the intended control sphere. A remote attacker can disclose sensitive information from the controller when using TFTP protocol.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References