Schneider.Electric.Modicon.Insecure.Credential.Transmission
Description
This indicates the detection of a cleartext transmission of sensitive information to Schneider Electric Modicon products.
The vulnerability exists because the login credentials are sent over the network in cleartext Base64 encoding. Attackers who can observe cleartext user credentials may then be able to log in to the web application and perform unauthorized data monitoring or unauthorized operations.
Affected Products
Modicon M241 Logic Controller, firmware version prior to 5.0.8.4
Modicon M251 Logic Controller, firmware version prior to 5.0.8.4
Modicon Quantum Co-processors ref. 140CPU6*
Modicon Premium Co-processors ref. TSXP* and TSXH*
Modicon Quantum Ethernet communication modules ref.140NOE* and 140NOC*
Modicon Premium Ethernet communication modules ref. TSXETY*
Modicon M340 CPU ref. BMXP34*
Modicon M340 Ethernet communication Modules ref. BMXNOC*, BMXNOE*, BMXNOR*
Modicon Momentum Ethernet MD
Impact
Authentication Bypass
Recommended Actions
Apply the vendor's update.
https://www.se.com/ww/en/download/document/SEVD-2017-075-03/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |