VYPR
Critical severity9.8NVD Advisory· Published Aug 29, 2018· Updated Jun 17, 2026

CVE-2018-7790

CVE-2018-7790

Description

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.

Affected products

3
  • cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*range: <1.6.2.0
    • (no CPE)range: <1.6.2.0
  • Schneider Electric SE/Modicon M221, all references, all versions prior to firmware V1.6.2.0v5
    Range: Modicon M221, all references, all versions prior to firmware V1.6.2.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.