CRITICAL🇵🇱 Wersja polska

CVE-2018-7242

CVSS 9.8v3.0pub. 2018-04-18upd. 2024-11-21

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Schneider Electric 140cpu31110

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu31110c

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu31110c Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu31110 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu43412u

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu43412uc

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu43412uc Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu43412u Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65150

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65150c

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65150c Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65150 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65160

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65160c

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65160c Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65160 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65160s

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65160s Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65260

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65260c

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65260c Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65260 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65860

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65860c

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65860c Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric 140cpu65860 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Bmxnor0200

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Bmxnor0200 Firmware

    OS
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Bmxnor0200h

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Bmxnor0200h Firmware

    OS
    Schneider-Electric
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-37300CRITICAL9.8ten sam produkt

A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unaut...

CVE-2021-22779CRITICAL9.1ten sam produkt

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V1...

CVE-2020-7540CRITICAL9.8ten sam produkt

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340...

CVE-2020-7533CRITICAL9.8ten sam produkt

CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webse...

CVE-2018-7241CRITICAL9.8ten sam produkt

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR02...