Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSchneider Electric 140cpu31110
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu31110c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu31110c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu31110 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412u
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412uc
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412uc Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu43412u Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65150 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160s
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65160s Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65260 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860c
HWSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860c Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric 140cpu65860 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200
HWSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200 Firmware
OSSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200h
HWSchneider-Electricwszystkie wersjeSchneider Electric Bmxnor0200h Firmware
OSSchneider-Electricwszystkie wersje
Related vulnerabilities
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unaut...
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V1...
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340...
CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webse...
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR02...