説明
CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.
AI分析AIによる分析
影響を受ける製品
schneider-electricmodicon_m580_firmware
schneider-electricmodicon_m580
-
schneider-electricmodicon_m340_firmware
schneider-electricmodicon_m340
-
schneider-electricmodicon_quantum_firmware
schneider-electricmodicon_quantum
-
schneider-electricmodicon_premium_firmware
schneider-electricmodicon_premium
-
参照
- http://www.securityfocus.com/bid/108366Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01Third Party AdvisoryUS Government Resource
- https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/PatchVendor Advisory
- http://www.securityfocus.com/bid/108366Third Party AdvisoryVDB Entry
- https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01Third Party AdvisoryUS Government Resource
- https://www.schneider-electric.com/en/download/document/SEVD-2019-134-03/PatchVendor Advisory