ID de Prueba:	1.3.6.1.4.1.25623.1.0.106630
Categoría:	Denial of Service
Título:	Schneider Electric Modicon Devices DoS Vulnerability (SEVD-2017-048-02)
Resumen:	Schneider Electric Modicon devices are prone to a denial of; service (DoS) vulnerability.
Descripción:	Summary: Schneider Electric Modicon devices are prone to a denial of service (DoS) vulnerability. Vulnerability Insight: During communication between the operator and PLC using function code 0x5A of Modbus, it is possible to send a specially crafted set of packets to the PLC and cause it to freeze, requiring the operator to physically press the reset button of the PLC in order to recover. Vulnerability Impact: Successful exploitation of this vulnerability may render the device unresponsive requiring a physical reset of the PLC. Affected Software/OS: Schneider Electric devices: - Modicon M580 CPU (part numbers BMEP* and BMEH*) prior to version 2.30 - Modicon M340 CPU (part numbers BMXP34*) prior to version 2.90 - Modicon Quantum CPU (part numbers 140CPU65* and 140CPU67*) prior to version 3.52 - Modicon Premium CPUs (part numbers TSXP57*) prior to version 3.22 Solution: See the referenced vendor advisory for a solution. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-6017 BugTraq ID: 96414 http://www.securityfocus.com/bid/96414 https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.