CVE-2012-0931

Published: Jan 28, 2012Modified: Apr 29, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.

Affected (1)

Products: Schneider Electric: Modicon Quantum Plc

Schneider Electric

1 product

Modicon Quantum Plc

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Schneider Electric Modicon Quantum Plc	All versions

Related CWEs

CWE-287

Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

References (10)

http://secunia.com/advisories/47723

Source: cve@mitre.org

Not Applicable

http://www.securityfocus.com/bid/51605

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf

Source: cve@mitre.org

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/72586

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-12-020-03

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://secunia.com/advisories/47723