CVE-2017-7575 - OpenCVE

Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \x00\x01\x00\x00\x00\x05\x01\x5a\x00\x03\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Schneider-electric	Modicon Tm221ce16r Modicon Tm221ce16r Firmware

Configuration 1 [-]

AND

cpe:2.3:o:schneider-electric:modicon_tm221ce16r_firmware:1.3.3.3:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_tm221ce16r:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-02
http://www.securityfocus.com/bid/97523
https://os-s.net/advisories/OSS-2017-01.pdf

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-04-06T21:00:00

Updated: 2024-08-05T16:04:12.098Z

Reserved: 2017-04-06T00:00:00

Link: CVE-2017-7575

Vulnrichment

No data.

NVD

Status : Modified

Published: 2017-04-06T21:59:00.337

Modified: 2017-04-15T01:59:00.643

Link: CVE-2017-7575

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \\x00\\x01\\x00\\x00\\x00\\x05\\x01\\x5a\\x00\\x03\\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-04-14T04:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-02"}, {"tags": ["x_refsource_MISC"], "url": "https://os-s.net/advisories/OSS-2017-01.pdf"}, {"name": "97523", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97523"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-7575", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \\x00\\x01\\x00\\x00\\x00\\x05\\x01\\x5a\\x00\\x03\\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-02", "refsource": "CONFIRM", "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-02"}, {"name": "https://os-s.net/advisories/OSS-2017-01.pdf", "refsource": "MISC", "url": "https://os-s.net/advisories/OSS-2017-01.pdf"}, {"name": "97523", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97523"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:04:12.098Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-02"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://os-s.net/advisories/OSS-2017-01.pdf"}, {"name": "97523", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/97523"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-7575", "datePublished": "2017-04-06T21:00:00", "dateReserved": "2017-04-06T00:00:00", "dateUpdated": "2024-08-05T16:04:12.098Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_tm221ce16r_firmware:1.3.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "26C40BAF-2C91-4069-A62E-1B1E60BA1619", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_tm221ce16r:-:*:*:*:*:*:*:*", "matchCriteriaId": "00715571-AC4B-4B1F-8E65-385B56F2004C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Schneider Electric Modicon TM221CE16R 1.3.3.3 devices allow remote attackers to discover the application-protection password via a \\x00\\x01\\x00\\x00\\x00\\x05\\x01\\x5a\\x00\\x03\\x00 request to the Modbus port (502/tcp). Subsequently the application may be arbitrarily downloaded, modified, and uploaded."}, {"lang": "es", "value": "Los dispositivos Schneider Electric Modicon TM221CE16R 1.3.3.3 permiten a atacantes remotos descubrir la contrase\u00f1a de protecci\u00f3n de la aplicaci\u00f3n a trav\u00e9s de una solicitud \\x00\\x01\\x00\\x00\\x00\\x05\\x01\\x5a\\x00\\x03\\x00 al puerto Modbus (502/tcp). Posteriormente la aplicaci\u00f3n puede descargarse, modificarse y cargarse arbitrariamente."}], "id": "CVE-2017-7575", "lastModified": "2017-04-15T01:59:00.643", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-06T21:59:00.337", "references": [{"source": "cve@mitre.org", "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2017-097-02"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97523"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://os-s.net/advisories/OSS-2017-01.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}