Improper Check for Unusual or Exceptional Conditions

CVE-2018-7789

High

7.8/10

Summary

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: NONE
Availability Impact: COMPLETE

CWE-754 - Improper Check for Unusual or Exceptional Conditions

The software does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the software.

References

Advisory Timeline

Published Aug 29, 2018

Improper Check for Unusual or Exceptional Conditions

CVE-2018-7789

Summary

CWE-754 - Improper Check for Unusual or Exceptional Conditions

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS