CVSS2

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |
Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |

AI Score Confidence: Low

EPSS Percentile: 69.3%

Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the authentication of arbitrary users for requests that execute commands, as demonstrated by modifying HTTP credentials.
Vendor | Product | Version | CPE |
---|---|---|---|
schneider-electric | modicon_quantum_plc | 140noe77101 | cpe:2.3:h:schneider-electric:modicon_quantum_plc:140noe77101:*:*:*:*:*:*:* |
schneider-electric | modicon_quantum_plc | 140noe77111 | cpe:2.3:h:schneider-electric:modicon_quantum_plc:140noe77111:*:*:*:*:*:*:* |
schneider-electric | modicon_quantum_plc | 140nwm10000 | cpe:2.3:h:schneider-electric:modicon_quantum_plc:140nwm10000:*:*:*:*:*:*:* |
schneider-electric | modicon_m340 | bmxnoc0401 | cpe:2.3:h:schneider-electric:modicon_m340:bmxnoc0401:*:*:*:*:*:*:* |
schneider-electric | modicon_m340 | bmxnoe011xx | cpe:2.3:h:schneider-electric:modicon_m340:bmxnoe011xx:*:*:*:*:*:*:* |
schneider-electric | modicon_m340 | bmxnoe0100x | cpe:2.3:h:schneider-electric:modicon_m340:bmxnoe0100x:*:*:*:*:*:*:* |
schneider-electric | modicon_premium | tsxety4103 | cpe:2.3:h:schneider-electric:modicon_premium:tsxety4103:*:*:*:*:*:*:* |
schneider-electric | modicon_premium | tsxety5103 | cpe:2.3:h:schneider-electric:modicon_premium:tsxety5103:*:*:*:*:*:*:* |
schneider-electric | modicon_premium | tsxwmy100 | cpe:2.3:h:schneider-electric:modicon_premium:tsxwmy100:*:*:*:*:*:*:* |
ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf
www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340/
www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper
www.exploit-db.com/exploits/44678/