Schneider Electric Modicon Controllers (ICSA-19-136-01)

Severity: High. Nessus Network Monitor Plugin ID 720272

Synopsis

Modicon M580, Modicon M340, Modicon Premium and Modicon Quantum devices are affected by a Use of Insufficiently Random Values vulnerability.

Description

A Use of Insufficiently Random Values vulnerability exists that could allow hijacking of the TCP connection when using Ethernet communication. It affects Modicon M580 firmware versions prior to V2.30 and all firmware versions of Modicon M340, Modicon Premium, and Modicon Quantum.

Solution

For Modicon M580, firmware version 2.80 is available for download. For Modicon M340, Modicon Premium and Modicon Quantum, Schneider Electric recommends that affected users set up network segmentation and implement a firewall to block all unauthorized access to all TCP ports.

See Also

https://www.us-cert.gov/ics/advisories/ICSA-19-136-01

Plugin Details

Severity: High

ID: 720272

Family: SCADA

Published: 7/26/2019

Updated: 9/30/2019

Risk Information

VPR

Risk Factor: Low

Score: 2.5

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

Patch Publication Date: 5/16/2019

Vulnerability Publication Date: 5/16/2019

Reference Information

CVE: CVE-2019-6821