Vulnerability Details : CVE-2017-6026
Potential exploit
A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the web application are lacking randomization and are shared between several users. This may allow a current session to be compromised.
Products affected by CVE-2017-6026
- cpe:2.3:o:schneider-electric:modicon_m251_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:schneider-electric:modicon_m241_firmware:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-6026
14.76%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 94 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-6026
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST | |
|
9.1
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
3.9
|
5.2
|
NIST |
CWE ids for CVE-2017-6026
-
The product uses insufficiently random numbers or values in a security context that depends on unpredictable numbers.Assigned by:
- ics-cert@hq.dhs.gov (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2017-6026
-
https://www.exploit-db.com/exploits/45918/
Schneider Electric PLC - Session Calculation Authentication BypassExploit;Third Party Advisory;VDB Entry
-
https://ics-cert.us-cert.gov/advisories/ICSA-17-089-02
Schneider Electric Modicon PLCs | CISAThird Party Advisory;US Government Resource
-
http://www.securityfocus.com/bid/97254
Multiple Schneider Electric Modicon Products Weak Cryptography Multiple Security WeaknessesThird Party Advisory;VDB Entry
Jump to