Lucene search

SchneiderCVE-2021-22816

HistoryJan 28, 2022 - 8:15 p.m.

CVE-2021-22816

2022-01-2820:15:10

CWE-754

schneider

web.nvd.nist.gov

cwe-754

denial of service

rtu

modbus

scadapack

cve-2021-22816

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

39.5%

JSON

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a Denial of Service of the RTU when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server. Affected Products: SCADAPack 312E, 313E, 314E, 330E, 333E, 334E, 337E, 350E and 357E RTUs with firmware V8.18.1 and prior

Affected configurations

Nvd

Node

schneider-electricscadapack_312e_firmwareRange<8.19.1

AND

schneider-electricscadapack_312eMatch-

Node

schneider-electricscadapack_313e_firmwareRange<8.19.1

AND

schneider-electricscadapack_313eMatch-

Node

schneider-electricscadapack_314e_firmwareRange<8.19.1

AND

schneider-electricscadapack_314eMatch-

Node

schneider-electricscadapack_330e_firmwareRange<8.19.1

AND

schneider-electricscadapack_330eMatch-

Node

schneider-electricscadapack_333e_firmwareRange<8.19.1

AND

schneider-electricscadapack_333eMatch-

Node

schneider-electricscadapack_334e_firmwareRange<8.19.1

AND

schneider-electricscadapack_334eMatch-

Node

schneider-electricscadapack_337e_firmwareRange<8.19.1

AND

schneider-electricscadapack_337eMatch-

Node

schneider-electricscadapack_350e_firmwareRange<8.19.1

AND

schneider-electricscadapack_350eMatch-

Node

schneider-electricscadapack_357e_firmwareRange<8.19.1

AND

schneider-electricscadapack_357eMatch-

VendorProductVersionCPE
schneider-electricscadapack_312e_firmware*cpe:2.3:o:schneider-electric:scadapack_312e_firmware:*:*:*:*:*:*:*:*
schneider-electricscadapack_312e-cpe:2.3:h:schneider-electric:scadapack_312e:-:*:*:*:*:*:*:*
schneider-electricscadapack_313e_firmware*cpe:2.3:o:schneider-electric:scadapack_313e_firmware:*:*:*:*:*:*:*:*
schneider-electricscadapack_313e-cpe:2.3:h:schneider-electric:scadapack_313e:-:*:*:*:*:*:*:*
schneider-electricscadapack_314e_firmware*cpe:2.3:o:schneider-electric:scadapack_314e_firmware:*:*:*:*:*:*:*:*
schneider-electricscadapack_314e-cpe:2.3:h:schneider-electric:scadapack_314e:-:*:*:*:*:*:*:*
schneider-electricscadapack_330e_firmware*cpe:2.3:o:schneider-electric:scadapack_330e_firmware:*:*:*:*:*:*:*:*
schneider-electricscadapack_330e-cpe:2.3:h:schneider-electric:scadapack_330e:-:*:*:*:*:*:*:*
schneider-electricscadapack_333e_firmware*cpe:2.3:o:schneider-electric:scadapack_333e_firmware:*:*:*:*:*:*:*:*
schneider-electricscadapack_333e-cpe:2.3:h:schneider-electric:scadapack_333e:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
schneider-electric	scadapack_312e_firmware	*	cpe:2.3:o:schneider-electric:scadapack_312e_firmware::::::::
schneider-electric	scadapack_312e	-	cpe:2.3:h:schneider-electric:scadapack_312e:-:::::::*
schneider-electric	scadapack_313e_firmware	*	cpe:2.3:o:schneider-electric:scadapack_313e_firmware::::::::
schneider-electric	scadapack_313e	-	cpe:2.3:h:schneider-electric:scadapack_313e:-:::::::*
schneider-electric	scadapack_314e_firmware	*	cpe:2.3:o:schneider-electric:scadapack_314e_firmware::::::::
schneider-electric	scadapack_314e	-	cpe:2.3:h:schneider-electric:scadapack_314e:-:::::::*
schneider-electric	scadapack_330e_firmware	*	cpe:2.3:o:schneider-electric:scadapack_330e_firmware::::::::
schneider-electric	scadapack_330e	-	cpe:2.3:h:schneider-electric:scadapack_330e:-:::::::*
schneider-electric	scadapack_333e_firmware	*	cpe:2.3:o:schneider-electric:scadapack_333e_firmware::::::::
schneider-electric	scadapack_333e	-	cpe:2.3:h:schneider-electric:scadapack_333e:-:::::::*

Rows per page:

1-10 of 181

References

download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-01

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

39.5%

JSON

Related for CVE-2021-22816