VYPR

M221

by Modicon

CVEs (2)

  • CVE-2019-6820HigMay 22, 2019
    risk 0.53cvss 8.2epss 0.01

    A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200,…

  • CVE-2020-28214MedDec 11, 2020
    risk 0.36cvss 5.5epss 0.01

    A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictionary attack technique such as rainbow tables, effectively disabling the protection…