Detections
Analytics

Multiple Schneider Electric Modicon PLC Modules Directory Traversal

critical Nessus Network Monitor Plugin ID 37

Synopsis

A Schneider Electric Modicon programmable logic controller (PLC) communications module containing a directory traversal vulnerability has been detected.

Description

Schneider Electric Ethernet modules for Modicon M340, Modicon Quantum, and Modicon Premium PLCs in addition to Modicon Momentum, Modicon TSX Micro, and Modicon STB modules that provide HTTP services contain a directory traversal vulnerability. Attackers can remotely bypass web server authentication thereby achieving unauthenticated administrative access and control of the device.

Solution

See Schneider Electric's Security Advisory, SEVD-2014-260-01, for a list of firmware updates that fix this issue.

See Also

http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01&p_EnDocType=Software%20-%20Updates&p_File_Id=608959359&p_File_Name=SEVD-2014-260-01.pdf

Plugin Details

Severity: Critical

ID: 37

Family: SCADA

Published: 5/21/2019

Updated: 9/30/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/h:schneider-electric:modicon_plc_ethernet_module

Patch Publication Date: 10/3/2014

Vulnerability Publication Date: 10/3/2014

Reference Information

CVE: CVE-2014-0754

BID: 70193