CVE-2018-7822

2019-05-2219:37:16

schneider

www.cve.org

5.5 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic.

CNA Affected

[
  {
    "product": "SoMachine Basic and Modicon M221, SoMachine Basic, all versions Modicon M221, all references, all versions prior to firmware V1.10.0.0",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "SoMachine Basic and Modicon M221, SoMachine Basic, all versions Modicon M221, all references, all versions prior to firmware V1.10.0.0"
      }
    ]
  }
]

References

www.schneider-electric.com/en/download/document/SEVD-2019-045-01/