CVE-2021-22746

Published: May 26, 2021Modified: Nov 21, 2024

3.9

Vector

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Exploitability: 0.3 / Impact: 3.6

Source: NVD

Description

Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22745, and CVE-2021-22747.

Affected (3)

Products: Schneider Electric: Triconex Model 3009 Mp Firmware, Tcm 4351b Firmware

Schneider Electric

2 products

Triconex Model 3009 Mp Firmware

Tcm 4351b Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Triconex Model 3009 Mp Firmware	From 11.3.0 to 11.8.0

Running on/with	Platform Versions
Schneider Electric Triconex Model 3009 Mp	All versions

Configuration B

2 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Schneider Electric Tcm 4351b Firmware	From 11.3.0 to 11.5.1
Schneider Electric Tcm 4351b Firmware	Version 11.7.0

Running on/with	Platform Versions
Schneider Electric Tcm 4351b	All versions

Related CWEs

Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

References (2)

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03

Source: cybersecurity@se.com

Vendor Advisory

https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.