CVSS: 6.8EPSS: 0%CPEs: 9EXPL: 1CVE-2013-0663 – Schneider Electric PLCs - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2013-0663
Cross-site request forgery (CSRF) vulnerability on the Schneider Electric Quantum 140NOE77111, 140NOE77101, and 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, and BMXNOE011xx; and Premium TSXETY4103, TSXETY5103, and TSXWMY100 PLC modules allows remote attackers to hijack the authentication of arbitrary users for requests that execute commands, as demonstrated by modifying HTTP credentials. Vulnerabilidad CSRF en los módulos Schneider Electric Quantum 140NOE77111, 140NOE77101, y 140NWM10000; M340 BMXNOC0401, BMXNOE0100x, y BMXNOE011xx; y Premium TSXETY4103, TSXETY5103, y TSXWMY100 PLC, permite a atacantes remotos secuestrar la autenticación de los usuarios para peticiones que ejecutan comandos, como se ha demostrado mediante la modificación de de peticiones HTTP. Schneider Electric PLCs suffer from a cross site request forgery vulnerability. • https://www.exploit-db.com/exploits/44678 http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340 http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.5EPSS: 0%CPEs: 4EXPL: 0CVE-2013-0664
https://notcve.org/view.php?id=CVE-2013-0664
The FactoryCast service on the Schneider Electric Quantum 140NOE77111 and 140NWM10000, M340 BMXNOE0110x, and Premium TSXETY5103 PLC modules allows remote authenticated users to send Modbus messages, and consequently execute arbitrary code, by embedding these messages in SOAP HTTP POST requests. El servicio FactoryCast en los módulos Electric Quantum 140NOE77111 y 140NWM10000, M340 BMXNOE0110x, y Premium TSXETY5103 PLC , permite a usuarios autenticados remotamente el envío de mensajes Modbus, y por consiguiente la ejecución de código arbitrario embebiendo estos mensajes en peticiones SOAP HTTP POST. • http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340 http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-2762
https://notcve.org/view.php?id=CVE-2013-2762
The Schneider Electric Magelis XBT HMI controller has a default password for authentication of configuration uploads, which makes it easier for remote attackers to bypass intended access restrictions via crafted configuration data. El controlador Schneider Electric Magelis XBT HMI tiene una contraseña por defecto para la configuración de las subidas de archivos, lo que facilitaría a atacantes remotos evitar las restricciones de acceso a través de datos manipulados. • http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf • CWE-255: Credentials Management Errors CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.0EPSS: 0%CPEs: 24EXPL: 0CVE-2013-2763
https://notcve.org/view.php?id=CVE-2013-2763
The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions. ** EN DISPUTA ** Los modulos Schneider Electric M340 PLC permite a atacantes remotos causar una denegación de servicios (consumo de recursos) a través de vectores no especificados. NOTA: El vendedor reporta disputas en este fallo ya que "no puede ser replicado" y "un atacante no puede explotar remotamente este fallo en las funciones de control del PLC". • http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.0EPSS: 0%CPEs: 2EXPL: 0CVE-2013-2761
https://notcve.org/view.php?id=CVE-2013-2761
The Schneider Electric M340 BMXNOE01xx and BMXP3420xx PLC modules allow remote authenticated users to cause a denial of service (module crash) via crafted FTP traffic, as demonstrated by the FileZilla FTP client. Los módulos Schneider Electric M340 BMXNOE01xx y BMXP3420xx PLC, permite a usuarios autenticados remotamente provocar una denegación de servicio (caída de módulo) a través de tráfico FTP manipulado, como se ha demostrado a través del cliente Filezilla FTP. • http://www.schneider-electric.com/download/ww/en/details/35081317-Vulnerability-Disclosure-for-Quantum-Premium-and-M340 http://www.schneider-electric.com/download/ww/en/file/36555639-SEVD-2013-023-01.pdf/?fileName=SEVD-2013-023-01.pdf&reference=SEVD-2013-023-01&docType=Technical-paper • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •