CVE-2018-7798

Name of the Vulnerable Software and Affected Versions Modicon M221, all versions

Description The issue is related to insufficient verification of data authenticity, which could allow a remote attacker to modify the IPv4 configuration, including IP address, mask, and gateway, when connected to the device. The vulnerability is also associated with the incorrect implementation of the network module in the UMAS protocol, potentially enabling an attacker to intercept the controller's network traffic by remotely modifying configuration parameters.

Recommendations For Modicon M221, all versions: At the moment, there is no information about a newer version that contains a fix for this vulnerability.