CRITICAL🇵🇱 Wersja polska

CVE-2017-6034

CVSS 9.8v3.0pub. 2017-06-30upd. 2026-06-04

An authentication bypass by capture-replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Schneider Electric Modbus

    HW
    Schneider-Electric
    wszystkie wersje
  • Schneider Electric Modbus Firmware

    OS
    Schneider-Electric
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2017-6032MEDIUM5.3ten sam produkt

A Violation of Secure Design Principles issue was discovered in Schneider Electric Modicon Modbus Protocol. Th...

CVE-2018-7841CRITICAL9.8⚠ KEVten sam vendor

A SQL Injection (CWE-89) vulnerability exists in U.motion Builder software version 1.3.4 which could cause unw...

CVE-2024-10575CRITICAL10.0PL ✓ten sam vendor

Brak autoryzacji w Schneider Electric EcoStruxure IT Gateway (CVSS 10.0)

CVE-2024-6407CRITICAL9.8PL ✓ten sam vendor

Ujawnienie poświadczeń w urządzeniu Schneider Electric WHC-5918A

CVE-2024-37036CRITICAL9.8PL ✓ten sam vendor

Out-of-bounds Write umożliwiający Auth Bypass w Schneider Electric Sage RTU