PT-2020-19604 · Schneider Electric · Premium Processors With Integrated Ethernet+2
Published
2020-03-23
·
Updated
2026-05-28
·
CVE-2020-7477
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Quantum Ethernet Network module 140NOE771x1 versions 7.0 and prior
Quantum processors with integrated Ethernet – 140CPU65xxxxx all versions
Premium processors with integrated Ethernet all versions
Description
A vulnerability exists due to improper check for unusual or exceptional conditions, which could cause a Denial of Service when sending a specially crafted command over Modbus.
Recommendations
For Quantum Ethernet Network module 140NOE771x1 versions 7.0 and prior, update to a version later than 7.0 to resolve the issue.
For Quantum processors with integrated Ethernet – 140CPU65xxxxx, restrict access to Modbus to minimize the risk of exploitation until a patch is available.
For Premium processors with integrated Ethernet, consider disabling Modbus functionality as a temporary workaround until a fix is provided.
Fix
DoS
Improper Check for Exceptional Conditions
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Premium Processors With Integrated Ethernet
Quantum Ethernet Network Module 140Noe771X1
Quantum Processors With Integrated Ethernet