Details of VAR-202101-2010

ID

VAR-202101-2010

TITLE

Schneider Tricon safety instrumented system MP3009 processor has a denial of service vulnerability (CNVD-2020-70794)

Trust: 0.6

sources: CNVD: CNVD-2020-70794

DESCRIPTION

Tricon safety instrumented system is the safety instrumented system of Schneider Electric Co., Ltd., MP3009 module is the processor module of Schneider Tricon safety instrumented system. Schneider Tricon safety instrumented system MP3009 processor has a denial of service vulnerability. An attacker can use this vulnerability to launch a denial of service attack.

Trust: 0.6

sources: CNVD: CNVD-2020-70794

IOT TAXONOMY

category:

['IoT']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-70794

AFFECTED PRODUCTS

vendor:

schneider electric

model:

tricon safety instrumented system mp3009 processor

scope:

version:

11.3.*

Trust: 0.6

sources: CNVD: CNVD-2020-70794

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2020-70794
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2020-70794
severity:	MEDIUM
baseScore:	6.1
vectorString:	AV:A/AC:L/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	6.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2020-70794

EXTERNAL IDS

db:

CNVD

id:

CNVD-2020-70794

Trust: 0.6

sources: CNVD: CNVD-2020-70794

SOURCES

db:

CNVD

id:

CNVD-2020-70794

LAST UPDATE DATE

2022-05-04T09:27:50.861000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2020-70794

date:

2020-12-15T00:00:00

SOURCES RELEASE DATE

db:

CNVD

id:

CNVD-2020-70794

date:

2021-01-18T00:00:00