PT-2012-1184 · Schneider Electric · Modicon Quantum Plc+2
Published
2012-01-27
·
Updated
2020-07-23
·
CVE-2012-0931
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Schneider Electric Modicon Quantum PLC (affected versions not specified)
Schneider Electric Modicon M340 (affected versions not specified)
Description
The issue is related to a lack of authentication between the Unity software and the PLC, which can be exploited by remote attackers to cause a denial of service or possibly execute arbitrary code. The vulnerability in the programmable logic controller's software is due to weaknesses in authentication.
Recommendations
For Schneider Electric Modicon Quantum PLC, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Schneider Electric Modicon M340, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Modicon M340
Modicon Quantum Plc
Unity