Details of VAR-202012-1616

ID

VAR-202012-1616

TITLE

Schneider Tricon safety instrumented system MP3009 processor has a denial of service vulnerability (CNVD-2020-67122)

Trust: 0.6

sources: CNVD: CNVD-2020-67122

DESCRIPTION

Tricon safety instrumented system is the safety instrumented system of Schneider Electric Co., Ltd., MP3009 module is the processor module of Schneider Tricon safety instrumented system. Schneider Tricon safety instrumented system MP3009 processor has a denial of service vulnerability. An attacker can use this vulnerability to launch a denial of service attack.

Trust: 0.6

sources: CNVD: CNVD-2020-67122

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-67122

AFFECTED PRODUCTS

vendor:

schneider electric

model:

tricon safety instrumented system mp3009 processor

scope:

version:

11.3.*

Trust: 0.6

sources: CNVD: CNVD-2020-67122

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-67122
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-67122
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-67122

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-67122

Trust: 0.6

sources: CNVD: CNVD-2020-67122

SOURCES

db:

CNVD

id:

CNVD-2020-67122

LAST UPDATE DATE

2022-05-04T09:02:19.695000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-67122

date:

2020-11-30T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-67122

date:

2020-12-28T00:00:00