Vulnerabilities for Somachine basic (...) - CXSECURITY.COM

Vulnerabilities for 'Somachine basic'

2019-05-22

CVE-2018-7823

CWE-20

A Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause remote launch of SoMachine Basic when sending crafted ethernet message.

CVE-2018-7822

CWE-275

An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic.

CVE-2018-7821

CWE-399

An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause cycle time impact when flooding the M221 ethernet interface while the Ethernet/IP adapter is activated.

2018-11-02

CVE-2018-7798

CWE-345

A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when remotely connected to the device.

2018-07-03

CVE-2018-7783

CWE-611

Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band (OOB) attack. The vulnerability is triggered when input passed to the xml parser is not sanitized while parsing the xml project/template file.

>>> Vendor: Schneider-electric 299 Products

Opc factory server

Telemecanique driver pack

Citecthistorian

Citectscada reports

Vijeo historian

M340 ethernet module bmxnoe0100

M340 ethernet module bmxnoe0110

M340 ethernet module bmxp342020

M340 ethernet module bmxp342030

Premium ethernet module tsxety4103

Premium ethernet module tsxety5103

Premium ethernet module tsxp57163m

Premium ethernet module tsxp572634m

Premium ethernet module tsxp573634m

Premium ethernet module tsxp574634m

Premium ethernet module tsxp575634m

Premium ethernet module tsxp576634m

Quantum ethernet module 140cpu65150

Quantum ethernet module 140cpu65160

Quantum ethernet module 140cpu65260

Quantum ethernet module 140noe77100

Quantum ethernet module 140noe77101

Quantum ethernet module 140noe77111

Stb dio ethernet module stbnic2212

Stb dio ethernet module stbnip2212

Stb dio ethernet module stbnip2311

Modicon quantum plc

Software update utility

Interactive graphical scada system

Accutech manager

Modicon premium

Magelis xbt hmi

Micom s1 studio

Citectfacilities

Tburjr900 firmware

Scada expert clearscada

Telvent sage 3030

Telvent sage 3030 firmware

Struxureware scada expert vijeo citect

Struxureware powerscada expert

Powerlogic scada

Floating license manager

Ofs test client tlxcdlfofs33

Ofs test client tlxcdltofs33

Ofs test client tlxcdluofs33

Ofs test client tlxcdstofs33

Ofs test client tlxcdsuofs33

Modbus serial driver

Modbuscommdtm sl

Opc factory server tlxcdlfofs

Opc factory server tlxcdltofs

Opc factory server tlxcdluofs

Opc factory server tlxcdstofs

Opc factory server tlxcdsuofs

Modicon plc ethernet module

Wonderware intouch access anywhere server

Etg3000 factorycast hmi gateway firmware

Device type manager

Wonderware system platform 2014

Imt25 magnetic flow dtm

Powerlogic pm8ecc firmware

Pelco digital sentry video management system firmware

See all Products for Vendor Schneider-electric

Copyright 2024, cxsecurity.com