Vulnerability CVE-2013-0664

Vulnerability CVE-2013-0664

Published: 2013-04-04

Description:

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:S/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
8.5/10	10/10	6.8/10

Exploit range	Attack complexity	Authentication
Remote	Medium	Single time
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Schneider-electric -> Modicon m340
Schneider-electric -> Modicon premium
Schneider-electric -> Modicon quantum plc

References:

http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf

http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper

http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/

Vulnerability CVE-2013-0664

The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests.

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:S/C:C/I:C/A:C)

8.5/10

10/10

6.8/10

Remote

Medium

Single time

Complete

Complete

Complete

Affected software

References: