Vulnerability Details CVE-2012-0931
Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.041
EPSS Ranking 88.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/47723
- http://www.securityfocus.com/bid/51605
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72586
- https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-12-020-03
- http://secunia.com/advisories/47723
- http://www.securityfocus.com/bid/51605
- http://www.us-cert.gov/control_systems/pdf/ICS-ALERT-12-020-03.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72586
- https://us-cert.cisa.gov/ics/alerts/ICS-ALERT-12-020-03
Products affected by CVE-2012-0931
-
cpe:2.3:h:schneider-electric:modicon_quantum_plc:-