Memory corruption

2018-05-0417:29:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

23.3%

JSON

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.

CPENameOperatorVersion
triconex_tricon_mp_3008_firmwarege10.0
triconex_tricon_mp_3008_firmwarele10.0

CPE	Name	Operator	Version
	triconex_tricon_mp_3008_firmware	ge	10.0
	triconex_tricon_mp_3008_firmware	le	10.0

References

www.securityfocus.com/bid/103947

ics-cert.us-cert.gov/advisories/ICSA-18-107-02

www.schneider-electric.com/en/download/document/SEVD-2017-347-01/