CVE-2018-7242

high-risk

Published 2018-04-18

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.

Do I need to act?

0.25% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (20)

Bmxnor0200 Firmware

Bmxnor0200H Firmware

140Cpu65150 Firmware

140Cpu31110 Firmware

140Cpu43412U Firmware

140Cpu65160 Firmware

140Cpu65260 Firmware

140Cpu65860 Firmware

140Cpu65160S Firmware

140Cpu65150C Firmware

140Cpu31110C Firmware

140Cpu43412Uc Firmware

140Cpu65160C Firmware

140Cpu65260C Firmware

140Cpu65860C Firmware

Modicon M340 Bmxp341000 Firmware

Modicon M340 Bmxp342000 Firmware

Modicon M340 Bmxp3420102 Firmware

Modicon M340 Bmxp3420102Cl Firmware

Modicon M340 Bmxp342020 Firmware

Affected Vendors

Schneider-Electric

References (6)

Third Party Advisory http://www.securityfocus.com/bid/103543

Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01

Vendor Advisory https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/

Third Party Advisory http://www.securityfocus.com/bid/103543

Third Party Advisory https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01

Vendor Advisory https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/

/ 100

high-risk

Severity 32/34 · Critical

Exploitability 1/34 · Minimal

Exposure 26/34 · High