Use of hard-coded credentials in SoMachine - CVE-2017-7574

 

Published: April 7, 2017 / Updated: August 8, 2020


Vulnerability identifier: #VU39268
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2017-7574
CWE-ID: CWE-798
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Schneider Electric
Affected software:
SoMachine

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product.
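
The difference between the fixed key described above and a key derived from the user's password, as an added example (not code from the advisory or from Schneider Electric, and not the vendor's actual fix). The function names, header layout and PBKDF2 iteration count are assumptions; the block covers key derivation and password checking only, and the derived key would be used with an authenticated cipher.

```python
import hashlib
import hmac
import os

# Key string quoted in the advisory: identical for every protected project.
HARDCODED_KEY = b"SoMachineBasicSoMachineBasicSoMa"

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune for the target hardware


def weak_project_key(password: str) -> bytes:
    """Design described in the advisory: the key ignores the password."""
    return HARDCODED_KEY


def _master_key(password: str, salt: bytes, iterations: int) -> bytes:
    # Slow, salted derivation so each project file gets its own key.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)


def _subkey(master: bytes, label: bytes) -> bytes:
    # Separate keys for encryption and for the stored verifier.
    return hmac.new(master, label, hashlib.sha256).digest()


def protect(password: str) -> dict:
    """Header stored beside the ciphertext (hypothetical layout).

    It holds neither the password nor the encryption key.
    """
    salt = os.urandom(16)
    master = _master_key(password, salt, PBKDF2_ITERATIONS)
    return {
        "salt": salt,
        "iterations": PBKDF2_ITERATIONS,
        "verifier": _subkey(master, b"verify"),
    }


def unlock(header: dict, password: str):
    """Return the 32-byte encryption key, or None if the password is wrong."""
    master = _master_key(password, header["salt"], header["iterations"])
    if hmac.compare_digest(_subkey(master, b"verify"), header["verifier"]):
        return _subkey(master, b"encrypt")
    return None
```

With this layout, reading the file yields only a salt and a verifier, so the project key cannot be recovered without guessing the password.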


How to mitigate CVE-2017-7574

Install the update from the vendor's website.
