Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 by Schneider Electric SE

    CVE-2018-7242 (GCVE-0-2018-7242)

    Vulnerability from nvd – Published: 2018-04-18 20:00 – Updated: 2024-08-05 06:24
    VLAI
    Summary
    Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
    Severity
    No CVSS data available.
    CWE
    • Vulnerable Hash Algorithms
    Assigner
    References
    Impacted products
    Vendor Product Version
    Schneider Electric SE Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 Affected: All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200
    Create a notification for this product.
    Date Public
    2018-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:24:11.352Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
              },
              {
                "name": "103543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
              "vendor": "Schneider Electric SE",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                }
              ]
            }
          ],
          "datePublic": "2018-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Vulnerable Hash Algorithms",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-05T20:57:01.000Z",
            "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
            "shortName": "schneider"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
            },
            {
              "name": "103543",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103543"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@schneider-electric.com",
              "ID": "CVE-2018-7242",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Schneider Electric SE"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Vulnerable Hash Algorithms"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
                  "refsource": "CONFIRM",
                  "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
                },
                {
                  "name": "103543",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103543"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "assignerShortName": "schneider",
        "cveId": "CVE-2018-7242",
        "datePublished": "2018-04-18T20:00:00.000Z",
        "dateReserved": "2018-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:24:11.352Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7241 (GCVE-0-2018-7241)

    Vulnerability from nvd – Published: 2018-04-18 20:00 – Updated: 2024-08-05 06:24
    VLAI
    Summary
    Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.
    Severity
    No CVSS data available.
    CWE
    • Hard-coded accounts
    Assigner
    References
    Impacted products
    Vendor Product Version
    Schneider Electric SE Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 Affected: All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200
    Create a notification for this product.
    Date Public
    2018-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:24:11.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
              },
              {
                "name": "103542",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103542"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
              "vendor": "Schneider Electric SE",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                }
              ]
            }
          ],
          "datePublic": "2018-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Hard-coded accounts",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-05T20:57:01.000Z",
            "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
            "shortName": "schneider"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
            },
            {
              "name": "103542",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103542"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@schneider-electric.com",
              "ID": "CVE-2018-7241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Schneider Electric SE"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Hard-coded accounts"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
                  "refsource": "CONFIRM",
                  "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
                },
                {
                  "name": "103542",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103542"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "assignerShortName": "schneider",
        "cveId": "CVE-2018-7241",
        "datePublished": "2018-04-18T20:00:00.000Z",
        "dateReserved": "2018-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:24:11.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7242 (GCVE-0-2018-7242)

    Vulnerability from cvelistv5 – Published: 2018-04-18 20:00 – Updated: 2024-08-05 06:24
    VLAI
    Summary
    Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
    Severity
    No CVSS data available.
    CWE
    • Vulnerable Hash Algorithms
    Assigner
    References
    Impacted products
    Vendor Product Version
    Schneider Electric SE Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 Affected: All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200
    Create a notification for this product.
    Date Public
    2018-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:24:11.352Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
              },
              {
                "name": "103543",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103543"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
              "vendor": "Schneider Electric SE",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                }
              ]
            }
          ],
          "datePublic": "2018-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Vulnerable Hash Algorithms",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-05T20:57:01.000Z",
            "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
            "shortName": "schneider"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
            },
            {
              "name": "103543",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103543"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@schneider-electric.com",
              "ID": "CVE-2018-7242",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Schneider Electric SE"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Vulnerable Hash Algorithms"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
                  "refsource": "CONFIRM",
                  "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
                },
                {
                  "name": "103543",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103543"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "assignerShortName": "schneider",
        "cveId": "CVE-2018-7242",
        "datePublished": "2018-04-18T20:00:00.000Z",
        "dateReserved": "2018-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:24:11.352Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-7241 (GCVE-0-2018-7241)

    Vulnerability from cvelistv5 – Published: 2018-04-18 20:00 – Updated: 2024-08-05 06:24
    VLAI
    Summary
    Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.
    Severity
    No CVSS data available.
    CWE
    • Hard-coded accounts
    Assigner
    References
    Impacted products
    Vendor Product Version
    Schneider Electric SE Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 Affected: All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200
    Create a notification for this product.
    Date Public
    2018-03-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:24:11.691Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
              },
              {
                "name": "103542",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/103542"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
              "vendor": "Schneider Electric SE",
              "versions": [
                {
                  "status": "affected",
                  "version": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                }
              ]
            }
          ],
          "datePublic": "2018-03-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Hard-coded accounts",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-05T20:57:01.000Z",
            "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
            "shortName": "schneider"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
            },
            {
              "name": "103542",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/103542"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cybersecurity@schneider-electric.com",
              "ID": "CVE-2018-7241",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Schneider Electric SE"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Hard-coded accounts"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
                  "refsource": "CONFIRM",
                  "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
                },
                {
                  "name": "103542",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/103542"
                },
                {
                  "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
                  "refsource": "MISC",
                  "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "assignerShortName": "schneider",
        "cveId": "CVE-2018-7241",
        "datePublished": "2018-04-18T20:00:00.000Z",
        "dateReserved": "2018-02-19T00:00:00.000Z",
        "dateUpdated": "2024-08-05T06:24:11.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }