Описание
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 10.0 (включая) до 10.0-10.4 (включая)
Одновременно
cpe:2.3:o:schneider-electric:triconex_tricon_mp_3008_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:schneider-electric:triconex_tricon_mp_3008:-:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00067
Низкий
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 6.7
github
больше 3 лет назад
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.
EPSS
Процентиль: 21%
0.00067
Низкий
6.7 Medium
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119
NVD-CWE-noinfo