Multiple vulnerabilities in Schneider Electric Modicon M221
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2020-7565 CVE-2020-7566 CVE-2020-7567 CVE-2020-7568 CVE-2020-28214 |
| CWE-ID | CWE-326 CWE-311 CWE-200 CWE-760 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Modicon M221 Hardware solutions / Firmware |
| Vendor | Schneider Electric |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Inadequate Encryption Strength
EUVDB-ID: #VU48918
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-7565
CWE-ID:
CWE-326 - Inadequate Encryption Strength
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to an inadequate encryption strength issue. A remote attacker on the local network can break the encryption key.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsModicon M221: All versions
External linkshttp://www.se.com/ww/en/download/document/SEVD-2020-315-05/
http://us-cert.cisa.gov/ics/advisories/icsa-20-343-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Small Space of Random Values
EUVDB-ID: #VU48919
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-7566
CWE-ID: N/A
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a small space of random values issue. A remote attacker on the local network can break the encryption keys.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsModicon M221: All versions
External linkshttp://www.se.com/ww/en/download/document/SEVD-2020-315-05/
http://us-cert.cisa.gov/ics/advisories/icsa-20-343-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Missing Encryption of Sensitive Data
EUVDB-ID: #VU48920
Risk: Low
CVSSv3.1: 6.5 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-7567
CWE-ID:
CWE-311 - Missing Encryption of Sensitive Data
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to missing encryption of sensitive data. A remote attacker on the local ntwork can find the password hash.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsModicon M221: All versions
External linkshttp://www.se.com/ww/en/download/document/SEVD-2020-315-05/
http://us-cert.cisa.gov/ics/advisories/icsa-20-343-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Information disclosure
EUVDB-ID: #VU48921
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-7568
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output by the application. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsModicon M221: All versions
External linkshttp://www.se.com/ww/en/download/document/SEVD-2020-315-05/
http://us-cert.cisa.gov/ics/advisories/icsa-20-343-04
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Use of a One-Way Hash with a Predictable Salt
EUVDB-ID: #VU48922
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2020-28214
CWE-ID:
CWE-760 - Use of a One-Way Hash with a Predictable Salt
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to a use of a one-way hash with a predictable salt. A local user can pre-compute the hash value using a dictionary attack, effectively disabling the protection that an unpredictable salt would provide.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsModicon M221: All versions
External linkshttp://ics-cert.us-cert.gov/advisories/icsa-20-343-04
http://www.se.com/ww/en/download/document/SEVD-2020-315-05/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
