Details of VAR-202012-1615

ID

VAR-202012-1615

TITLE

Schneider Tricon safety instrumented system MP3009 processor has a denial of service vulnerability (CNVD-2020-67121)

Trust: 0.6

sources: CNVD: CNVD-2020-67121

DESCRIPTION

Tricon safety instrumented system is the safety instrumented system of Schneider Electric Co., Ltd., MP3009 module is the processor module of Schneider Tricon safety instrumented system. Schneider Tricon safety instrumented system MP3009 processor has a denial of service vulnerability. An attacker can use this vulnerability to launch a denial of service attack.

Trust: 0.6

sources: CNVD: CNVD-2020-67121

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-67121

AFFECTED PRODUCTS

vendor:

schneider electric

model:

tricon safety instrumented system mp3009 processor

scope:

version:

11.3.*

Trust: 0.6

sources: CNVD: CNVD-2020-67121

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-67121
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-67121
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-67121

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-67121

Trust: 0.6

sources: CNVD: CNVD-2020-67121

SOURCES

db:

CNVD

id:

CNVD-2020-67121

LAST UPDATE DATE

2022-05-04T09:32:36.978000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-67121

date:

2020-11-30T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-67121

date:

2020-12-28T00:00:00