CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-6034

An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/97562
https://ics-cert.us-cert.gov/advisories/ICSA-17-101-01
http://www.securityfocus.com/bid/97562
https://ics-cert.us-cert.gov/advisories/ICSA-17-101-01

Products affected by CVE-2017-6034

Schneider-Electric » Modbus » Version: N/A

cpe:2.3:h:schneider-electric:modbus:-
Schneider-Electric » Modbus Firmware » Version: N/A

cpe:2.3:o:schneider-electric:modbus_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-6034

Products

Pricing

Contact Us