CVE-2018-7821

Name of the Vulnerable Software and Affected Versions Modicon M221 versions prior to V1.10.0.0 SoMachine Basic (affected versions not specified)

Description The issue is related to an incorrect configuration of the Ethernet interface in the Modicon M221 programmable logic controller when the Ethernet/IP adapter is activated. Exploitation of this issue can allow an attacker to impact the cycle time of the control program by generating a network flood on the Ethernet interface.

Recommendations For Modicon M221 versions prior to V1.10.0.0, update to firmware V1.10.0.0 or later to resolve the issue. For SoMachine Basic, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the Ethernet interface when the Ethernet/IP adapter is activated to minimize the risk of exploitation.