ID
VAR-201602-0395
TITLE
Schneider Electric Modicon M580 EtherNetIP Protocol Stack Denial of Service Vulnerability
Trust: 0.2
DESCRIPTION
Schneider Electric PLCModicon M580 It is an Ethernet programmable controller. Schneider Electric PLC modicon M580 use EtherNetIP Protocol for industrial control communication. With M580 When communicating EthernetIP protocol “Semrrdata” Message Command_specific_data Field is set to 0x0C Time EtherNetIP There are security holes in the protocol stack, but ping Still reachable, need to shut down and restart to recover EtherNetIP Agreement services. Allows an attacker to use this vulnerability to launch a denial of service attack.
Trust: 0.2
IOT TAXONOMY
| category: | ['ICS'] | sub_category: | - | Trust: 0.2 |
AFFECTED PRODUCTS
| vendor: | schneider | model: | electric modicon m580 | scope: | eq | version: | ;* | Trust: 0.2 |
| vendor: | schneider | model: | - | scope: | eq | version: | * | Trust: 0.2 |
| vendor: | schneider | model: | electric modicon m580; | scope: | eq | version: | * | Trust: 0.2 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||
|
|
TYPE
Denial of service
Trust: 0.2
EXTERNAL IDS
| db: | CNVD | id: | CNVD-2016-01429 | Trust: 0.2 |
| db: | IVD | id: | 324126D0-1E44-11E6-ABEF-000C29C66E3D | Trust: 0.2 |
SOURCES
| db: | IVD | id: | 324126d0-1e44-11e6-abef-000c29c66e3d |
LAST UPDATE DATE
2022-05-17T01:57:43.434000+00:00
SOURCES UPDATE DATE
SOURCES RELEASE DATE
| db: | IVD | id: | 324126d0-1e44-11e6-abef-000c29c66e3d | date: | 2016-02-29T00:00:00 |