Schneider Electric Modicon CVE-2017-7575 Information Disclosure Vulnerability

Schneider Electric Modicon TM221CE16R is prone to a local information-disclosure vulnerability.

An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.

Schneider Modicon TM221CE16R firmware is affected.


Bugtraq ID: 97523
Class: Design Error
CVE: CVE-2017-7575

Remote: Yes
Local: No
Published: Apr 06 2017 12:00AM
Updated: Apr 17 2017 03:07PM
Credit: Simon Heming, Maik Brüggemann, Hendrik Schwartke, Ralf Spenneberg.
Vulnerable: Schneider-Electric Modicon TM221CE16R
Schneider-Electric Modicon M221
Schneider-Electric Modicon M221

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts