Schneider Electric Modicon CVE-2017-7575 Information Disclosure Vulnerability



Schneider Electric Modicon TM221CE16R is prone to a local information-disclosure vulnerability.

An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.

Schneider Modicon TM221CE16R firmware 1.3.3.3 is affected.

Information

Bugtraq ID: 97523
Class: Design Error
CVE: CVE-2017-7575

Remote: Yes
Local: No
Published: Apr 06 2017 12:00AM
Updated: Apr 17 2017 03:07PM
Credit: Simon Heming, Maik Brüggemann, Hendrik Schwartke, Ralf Spenneberg.
Vulnerable: Schneider-Electric Modicon TM221CE16R 1.3.3.3
Schneider-Electric Modicon M221 1.5.0.1
Schneider-Electric Modicon M221 1.5.0.0


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


Related Posts

Comments