PT-2018-18260 · Schneider Electric · Micom Px4X+2
Published: 2018-04-18 · Updated: 2018-05-29
CVE-2018-7758
CVSS v2.0: 3.3 (Low)
Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions:
Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board
Schneider Electric's MiCOM P540D Range with Legacy Ethernet Board
Schneider Electric's MiCOM Px4x Rejuvenated
Description:
A denial of service issue exists due to TCP/IP open requests on port 20000 (DNP3oE) when an older TCP/IP session is still open with an identical IP address and port number, potentially causing loss of network communication.
Recommendations:
For Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, consider restricting access to port 20000 to minimize the risk of exploitation.
For Schneider Electric's MiCOM P540D Range with Legacy Ethernet Board, avoid using identical IP address and port number for new TCP/IP sessions if an older session is still open.
For Schneider Electric's MiCOM Px4x Rejuvenated, restrict network communication on port 20000 until a fix is available.
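A monitoring sketch for the condition in the description, added here as an example and not part of the original advisory or any vendor tooling: it scans client-to-server TCP records and flags an open request on port 20000 that reuses the source address and port of a session that is still open. The six-field record format, the sample lines and the function name are assumptions constructed for illustration.

```python
from dataclasses import dataclass

DNP3_PORT = 20000  # DNP3 over Ethernet port named in the advisory

# Constructed sample records (not captured traffic), client-to-server only:
# time  src_ip  src_port  dst_ip  dst_port  flag
SAMPLE_LOG = """\
10.000 192.0.2.10 40001 192.0.2.50 20000 SYN
10.002 192.0.2.10 40001 192.0.2.50 20000 ACK
55.300 192.0.2.10 40001 192.0.2.50 20000 SYN
70.000 192.0.2.11 40002 192.0.2.50 20000 SYN
71.000 192.0.2.11 40002 192.0.2.50 20000 SYN
71.002 192.0.2.11 40002 192.0.2.50 20000 ACK
90.000 192.0.2.11 40002 192.0.2.50 20000 RST
95.000 192.0.2.11 40002 192.0.2.50 20000 SYN
96.000 192.0.2.12 40003 192.0.2.50 502 SYN
97.000 192.0.2.12 40003 192.0.2.50 502 ACK
98.000 192.0.2.12 40003 192.0.2.50 502 SYN
"""

@dataclass(frozen=True)
class Alert:
    time: float       # when the repeated open request was seen
    client: str       # source address:port that was reused
    opened_at: float  # when the older, still-open session was established

def find_reopened_sessions(log: str, port: int = DNP3_PORT) -> list:
    """Return an Alert for every SYN that reuses the 4-tuple of an open session."""
    established = {}  # (src, sport, dst, dport) -> time the handshake completed
    alerts = []
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip blank or malformed records
        ts, src, sport, dst, dport, flag = fields
        if int(dport) != port:
            continue  # only the monitored service port is of interest
        key = (src, int(sport), dst, int(dport))
        if flag == "SYN":
            # A SYN before the handshake completes is a first try or a retransmit.
            if key in established:
                alerts.append(Alert(float(ts), f"{src}:{sport}", established.pop(key)))
        elif flag in ("FIN", "RST"):
            established.pop(key, None)  # session closed, reuse is now legitimate
        else:
            established.setdefault(key, float(ts))  # ACK or data: session is open
    return alerts
```

On the sample, only the SYN at 55.300 is flagged; the retransmitted SYN at 71.000 and the reconnect after the RST at 90.000 are not.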
Fix
Insufficient Session Expiration
Weakness Enumeration
Related Identifiers
Affected Products
Micom P540D Range
Micom Px4X
Micom Px4X Rejuvenated