Details of VAR-202101-1986

ID

VAR-202101-1986

TITLE

Schneider Electric Triconex MP3008 has a code execution vulnerability

Trust: 0.6

sources: CNVD: CNVD-2021-12440

DESCRIPTION

Schneider Electric (China) Co., Ltd. is a leader in the field of global energy efficiency management. Its main business includes electric power, industrial automation, infrastructure, energy efficiency, energy, building automation and security electronics. Schneider Electric Triconex MP3008 has a code execution vulnerability, which can be exploited by attackers to gain control of the server.

Trust: 0.6

sources: CNVD: CNVD-2021-12440

AFFECTED PRODUCTS

vendor:

schneider electric

model:

triconex mp3008

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2021-12440

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2021-12440
value:	HIGH
Trust: 0.6

CNVD:	CNVD-2021-12440
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2021-12440

EXTERNAL IDS

db:

CNVD

id:

CNVD-2021-12440

Trust: 0.6

sources: CNVD: CNVD-2021-12440

SOURCES

db:

CNVD

id:

CNVD-2021-12440

LAST UPDATE DATE

2022-05-04T09:27:50.872000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2021-12440

date:

2021-02-25T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2021-12440

date:

2021-01-24T00:00:00