Vulnerability identifier: #VU27382
Vulnerability risk: Low
CVSSv3.1: 2.4 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID:
CWE-ID:
CWE-319
Exploitation vector: Local network
Exploit availability: No
Vulnerable software:
EcoStruxure Machine Expert
Server applications /
SCADA systems
SoMachine
Server applications /
SCADA systems
SoMachine Motion
Server applications /
SCADA systems
Modicon M218
Hardware solutions /
Firmware
Modicon M251
Hardware solutions /
Firmware
Modicon M258
Hardware solutions /
Firmware
Modicon M241
Hardware solutions /
Firmware
Vendor: Schneider Electric
Description
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker on the local network with ability to intercept network traffic can gain access to sensitive data transmitted between the software and the Modicon controllers.
Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versions
EcoStruxure Machine Expert: All versions
SoMachine: All versions
SoMachine Motion: All versions
Modicon M218: All versions
Modicon M251: All versions
Modicon M258: All versions
Modicon M241: All versions
External links
http://www.se.com/ww/en/download/document/SEVD-2020-105-02
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.