virus logo Intrusion Prevention

Schneider.Electric.Modicon.Insecure.Credential.Transmission

description-logoDescription

This indicates the detection of a cleartext transmission of sensitive information to Schneider Electric Modicon products.
The vulnerability exists because the login credentials are sent over the network in cleartext Base64 encoding. Attackers who can observe cleartext user credentials may then be able to log in to the web application and perform unauthorized data monitoring or unauthorized operations.

affected-products-logoAffected Products

Modicon M241 Logic Controller, firmware version prior to 5.0.8.4
Modicon M251 Logic Controller, firmware version prior to 5.0.8.4
Modicon Quantum Co-processors ref. 140CPU6*
Modicon Premium Co-processors ref. TSXP* and TSXH*
Modicon Quantum Ethernet communication modules ref.140NOE* and 140NOC*
Modicon Premium Ethernet communication modules ref. TSXETY*
Modicon M340 CPU ref. BMXP34*
Modicon M340 Ethernet communication Modules ref. BMXNOC*, BMXNOE*, BMXNOR*
Modicon Momentum Ethernet MD

Impact logoImpact

Authentication Bypass

recomended-action-logoRecommended Actions

Apply the vendor's update.
https://www.se.com/ww/en/download/document/SEVD-2017-075-03/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

https://www.se.com/ww/en/download/document/SEVD-2017-075-03/
ID 49482
Created Sep 08, 2020
Updated Mar 10, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2017-6028
Exploit Prediction Score 0.21%
Default Action drop
Active
Affected OS Other
Affected App Other