Vulnerability identifier: #VU27382

Vulnerability risk: Low

CVSSv3.1: 2.4 [CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]

CVE-ID: CVE-2020-7488

CWE-ID: CWE-319

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
EcoStruxure Machine Expert
Server applications / SCADA systems
SoMachine
Server applications / SCADA systems
SoMachine Motion
Server applications / SCADA systems
Modicon M218
Hardware solutions / Firmware
Modicon M251
Hardware solutions / Firmware
Modicon M258
Hardware solutions / Firmware
Modicon M241
Hardware solutions / Firmware

Vendor: Schneider Electric

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to software uses insecure communication channel to transmit sensitive information. A remote attacker on the local network with ability to intercept network traffic can gain access to sensitive data transmitted between the software and the Modicon controllers.

Mitigation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

Vulnerable software versions

EcoStruxure Machine Expert: All versions

SoMachine: All versions

SoMachine Motion: All versions

Modicon M218: All versions

Modicon M251: All versions

Modicon M258: All versions

Modicon M241: All versions

---

External links
http://www.se.com/ww/en/download/document/SEVD-2020-105-02

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.