Details of VAR-201704-1595

ID

VAR-201704-1595

TITLE

Schneider Modicon M221CE16R Hardcoded Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2017-04007

DESCRIPTION

The Modicon M221CE16R is an integrated programmable controller from Schneider Electric. The Schneider Modicon M221CE16R has a hard-coded vulnerability. The XML file is AES-CBC encrypted, but the key used for encryption is hard-coded and cannot be changed. After decrypting the XML file using the standard password, the attacker can find the user's password in the decrypted data and open and modify the project using SoMachine Basic

Trust: 0.72

sources: CNVD: CNVD-2017-04007 // IVD: 6c473daa-a774-479e-8a52-37ed4fe00bc4

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 6c473daa-a774-479e-8a52-37ed4fe00bc4 // CNVD: CNVD-2017-04007

AFFECTED PRODUCTS

vendor:	schneider	model:	electric modicon tm221ce16r	scope:	eq	version:	1.3.3.3	Trust: 0.6
vendor:	schneider	model:	electric somachine basic sp1	scope:	eq	version:	1.4	Trust: 0.6
vendor:	schneider	model:	electric modicon tm221ce16r	scope:	eq	version:	)1.3.3.3*	Trust: 0.2
vendor:	schneider	model:	electric somachine basic sp1	scope:	eq	version:	)1.4*	Trust: 0.2

sources: IVD: 6c473daa-a774-479e-8a52-37ed4fe00bc4 // CNVD: CNVD-2017-04007

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2017-04007
value:	MEDIUM
Trust: 0.6
IVD:	6c473daa-a774-479e-8a52-37ed4fe00bc4
value:	MEDIUM
Trust: 0.2

CNVD:	CNVD-2017-04007
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	6c473daa-a774-479e-8a52-37ed4fe00bc4
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 6c473daa-a774-479e-8a52-37ed4fe00bc4 // CNVD: CNVD-2017-04007

TYPE

Encryption issues

Trust: 0.2

sources: IVD: 6c473daa-a774-479e-8a52-37ed4fe00bc4

EXTERNAL IDS

db:	CNVD	id:	CNVD-2017-04007	Trust: 0.8
db:	IVD	id:	6C473DAA-A774-479E-8A52-37ED4FE00BC4	Trust: 0.2

sources: IVD: 6c473daa-a774-479e-8a52-37ed4fe00bc4 // CNVD: CNVD-2017-04007

REFERENCES

url:	http://seclists.org/bugtraq/2017/apr/19	Trust: 0.6
url:	https://www.os-s.net/advisories/oss-2017-02.pdf	Trust: 0.6

sources: CNVD: CNVD-2017-04007

SOURCES

db:	IVD	id:	6c473daa-a774-479e-8a52-37ed4fe00bc4
db:	CNVD	id:	CNVD-2017-04007

LAST UPDATE DATE

2022-05-17T01:43:14.344000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2017-04007

date:

2017-04-06T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	6c473daa-a774-479e-8a52-37ed4fe00bc4	date:	2017-04-06T00:00:00
db:	CNVD	id:	CNVD-2017-04007	date:	2017-04-06T00:00:00