CVE-2018-7789

Published: Aug 29, 2018Modified: May 29, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames.

Affected (1)

Products: Schneider Electric: Modicon M221 Firmware

Schneider Electric

1 product

Modicon M221 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Modicon M221 Firmware	Before 1.6.2.0

Running on/with	Platform Versions
Schneider Electric Modicon M221	All versions

Related CWEs

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (6)

http://www.securityfocus.com/bid/105171

Source: cybersecurity@se.com

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-18-240-02

Source: cybersecurity@se.com

MitigationThird Party AdvisoryUS Government Resource

https://www.schneider-electric.com/en/download/document/SEVD-2018-233-01/

Source: cybersecurity@se.com

MitigationVendor Advisory

http://www.securityfocus.com/bid/105171

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://ics-cert.us-cert.gov/advisories/ICSA-18-240-02

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationThird Party AdvisoryUS Government Resource

https://www.schneider-electric.com/en/download/document/SEVD-2018-233-01/

Source: af854a3a-2127-422b-91ae-364da2661108

MitigationVendor Advisory

Timeline

No history available yet.