CVE-2018-7822

Name of the Vulnerable Software and Affected Versions SoMachine Basic versions prior to V1.10.0.0 Modicon M221 versions prior to V1.10.0.0

Description The issue is related to incorrect default permissions, which could allow an attacker to gain access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic. This is due to improper default settings of access rights.

Recommendations For SoMachine Basic versions prior to V1.10.0.0, update to firmware V1.10.0.0 or later to resolve the issue. For Modicon M221 versions prior to V1.10.0.0, update to firmware V1.10.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the system hosting SoMachine Basic to minimize the risk of exploitation.