Details of VAR-201804-1269

ID

VAR-201804-1269

CVE

CVE-2018-7242

TITLE

plural Schneider Electric Vulnerability related to cryptographic strength in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-004279

DESCRIPTION

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks. plural Schneider Electric The product contains a vulnerability related to cryptographic strength.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Schneider Electric Modicon Premium\\Modicon Quantum\\Modicon M340\\Modicon BMXNOR0200 is a programmable controller product from Schneider Electric, France. A number of Schneider Electric products have a weak encryption algorithm vulnerability that stems from the fact that the FTP server does not limit the length of the command parameters, which can cause buffer overflows. Multiple Schneider Electric Modicon products are prone to a remote security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks

Trust: 2.7

sources: NVD: CVE-2018-7242 // JVNDB: JVNDB-2018-004279 // CNVD: CNVD-2018-06519 // BID: 103543 // IVD: e2ea2f5e-39ab-11e9-890e-000c29342cb1 // VULHUB: VHN-137274

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: e2ea2f5e-39ab-11e9-890e-000c29342cb1 // CNVD: CNVD-2018-06519

AFFECTED PRODUCTS

vendor:	schneider electric	model:	tsxp57554m	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxh5724m	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp573634mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp57354mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp574634mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxh5744mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp575634mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp57454mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp57554mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp576634mc	scope:	eq	version:	-	Trust: 1.6
vendor:	schneider electric	model:	tsxp57154m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57254mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342000	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57204mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57254m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp575634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu31110	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65160	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57104mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp341000h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65860c	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57454m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp571634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp573634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57104m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57304m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57304mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65260	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65150c	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57354m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65160s	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65160c	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxh5744m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57154mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342020h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp571634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65260c	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65860	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302cl	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	bmxnor0200	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	bmxnor0200h	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu43412uc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu43412u	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp574634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420302	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxh5724mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp341000	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp342020	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp572634mc	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu65150	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420102cl	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp57204m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp572634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	modicon m340 bmxp3420102	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	140cpu31110c	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	tsxp576634m	scope:	eq	version:	-	Trust: 1.0
vendor:	schneider electric	model:	bmxnor0200	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	modicon m340 pac	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	modicon premium plc	scope:	-	version:	-	Trust: 0.8
vendor:	schneider electric	model:	modicon quantum plc	scope:	-	version:	-	Trust: 0.8
vendor:	schneider	model:	electric modicon premium	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric modicon quantum	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric modicon m340	scope:	-	version:	-	Trust: 0.6
vendor:	schneider	model:	electric modicon rtu	scope:	eq	version:	x80	Trust: 0.6
vendor:	140cpu65160c	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	tsxh5724m	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	tsxh5744mc	model:	-	scope:	eq	version:	-	Trust: 0.4
vendor:	schneider electric	model:	modicon quantum	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	modicon premium	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	modicon m340	scope:	eq	version:	0	Trust: 0.3
vendor:	schneider electric	model:	modicon bmxnor0200	scope:	eq	version:	0	Trust: 0.3
vendor:	bmxnor0200	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65150c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu31110c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu43412uc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65260c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65860c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp341000	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342000	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420102	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxnor0200h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420102cl	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342020	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302cl	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp3420302h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp342020h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	bmxp341000h	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxh5744m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57104m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65150	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57154m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp571634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57204m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57254m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp572634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57304m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57354m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp573634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57454m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp574634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu31110	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp575634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp576634m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxh5724mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57104mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57154mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp571634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57204mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57254mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp572634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu43412u	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57304mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57354mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp573634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57454mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp574634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57554mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp575634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp576634mc	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65160	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	tsxp57554m	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65260	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65860	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	140cpu65160s	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: e2ea2f5e-39ab-11e9-890e-000c29342cb1 // CNVD: CNVD-2018-06519 // BID: 103543 // JVNDB: JVNDB-2018-004279 // CNNVD: CNNVD-201803-1000 // NVD: CVE-2018-7242

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-7242
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2018-7242
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2018-06519
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201803-1000
value:	MEDIUM
Trust: 0.6
IVD:	e2ea2f5e-39ab-11e9-890e-000c29342cb1
value:	MEDIUM
Trust: 0.2
VULHUB:	VHN-137274
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-7242
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-06519
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:N/AC:H/AU:N/C:N/I:P/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	e2ea2f5e-39ab-11e9-890e-000c29342cb1
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:N/AC:H/AU:N/C:N/I:P/A:C
accessVector:	NETWORK
accessComplexity:	HIGH
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	4.9
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-137274
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-7242
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: IVD: e2ea2f5e-39ab-11e9-890e-000c29342cb1 // CNVD: CNVD-2018-06519 // VULHUB: VHN-137274 // JVNDB: JVNDB-2018-004279 // CNNVD: CNNVD-201803-1000 // NVD: CVE-2018-7242

PROBLEMTYPE DATA

problemtype:

CWE-326

Trust: 1.9

sources: VULHUB: VHN-137274 // JVNDB: JVNDB-2018-004279 // NVD: CVE-2018-7242

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201803-1000

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201803-1000

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004279

PATCH

title:	Security Notification - Embedded FTP Servers for Modicon	url:	https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/	Trust: 0.8
title:	Multiple Schneider Electric Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79470	Trust: 0.6

sources: JVNDB: JVNDB-2018-004279 // CNNVD: CNNVD-201803-1000

EXTERNAL IDS

db:	NVD	id:	CVE-2018-7242	Trust: 3.6
db:	ICS CERT	id:	ICSA-18-086-01	Trust: 3.4
db:	SCHNEIDER	id:	SEVD-2018-081-01	Trust: 2.0
db:	BID	id:	103543	Trust: 1.4
db:	CNNVD	id:	CNNVD-201803-1000	Trust: 0.9
db:	CNVD	id:	CNVD-2018-06519	Trust: 0.8
db:	JVNDB	id:	JVNDB-2018-004279	Trust: 0.8
db:	NSFOCUS	id:	39225	Trust: 0.6
db:	IVD	id:	E2EA2F5E-39AB-11E9-890E-000C29342CB1	Trust: 0.2
db:	VULHUB	id:	VHN-137274	Trust: 0.1

sources: IVD: e2ea2f5e-39ab-11e9-890e-000c29342cb1 // CNVD: CNVD-2018-06519 // VULHUB: VHN-137274 // BID: 103543 // JVNDB: JVNDB-2018-004279 // CNNVD: CNNVD-201803-1000 // NVD: CVE-2018-7242

REFERENCES

url:	https://ics-cert.us-cert.gov/advisories/icsa-18-086-01	Trust: 3.4
url:	https://www.schneider-electric.com/en/download/document/sevd-2018-081-01/	Trust: 2.0
url:	http://www.securityfocus.com/bid/103543	Trust: 1.1
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7242	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-7242	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/39225	Trust: 0.6
url:	http://www.schneider-electric.com/site/home/index.cfm/ww/?selectcountry=true	Trust: 0.3

sources: CNVD: CNVD-2018-06519 // VULHUB: VHN-137274 // BID: 103543 // JVNDB: JVNDB-2018-004279 // CNNVD: CNNVD-201803-1000 // NVD: CVE-2018-7242

CREDITS

Nikita Maximov (Positive Technologies)

Trust: 0.3

sources: BID: 103543

SOURCES

db:	IVD	id:	e2ea2f5e-39ab-11e9-890e-000c29342cb1
db:	CNVD	id:	CNVD-2018-06519
db:	VULHUB	id:	VHN-137274
db:	BID	id:	103543
db:	JVNDB	id:	JVNDB-2018-004279
db:	CNNVD	id:	CNNVD-201803-1000
db:	NVD	id:	CVE-2018-7242

LAST UPDATE DATE

2024-11-23T22:45:23.622000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-06519	date:	2018-03-28T00:00:00
db:	VULHUB	id:	VHN-137274	date:	2018-12-05T00:00:00
db:	BID	id:	103543	date:	2018-03-22T00:00:00
db:	JVNDB	id:	JVNDB-2018-004279	date:	2018-07-04T00:00:00
db:	CNNVD	id:	CNNVD-201803-1000	date:	2018-05-09T00:00:00
db:	NVD	id:	CVE-2018-7242	date:	2024-11-21T04:11:51.740

SOURCES RELEASE DATE

db:	IVD	id:	e2ea2f5e-39ab-11e9-890e-000c29342cb1	date:	2018-03-28T00:00:00
db:	CNVD	id:	CNVD-2018-06519	date:	2018-03-28T00:00:00
db:	VULHUB	id:	VHN-137274	date:	2018-04-18T00:00:00
db:	BID	id:	103543	date:	2018-03-22T00:00:00
db:	JVNDB	id:	JVNDB-2018-004279	date:	2018-06-15T00:00:00
db:	CNNVD	id:	CNNVD-201803-1000	date:	2018-03-28T00:00:00
db:	NVD	id:	CVE-2018-7242	date:	2018-04-18T20:29:00.373