CVE-2018-7793
Severity Score
8.7
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A Credential Management vulnerability exists in FoxView HMI SCADA (All Foxboro DCS, Foxboro Evo, and IA Series versions prior to Foxboro DCS Control Core Services 9.4 (CCS 9.4) and FoxView 10.5.) which could cause unauthorized disclosure, modification, or disruption in service when the password is modified without permission.
Existe una vulnerabilidad de gestión de credenciales en FoxView HMI SCADA (todas las versiones de Foxboro DCS, Foxboro Evo e IA Series anteriores a Foxboro DCS Control Core Services 9.4 (CCS 9.4) y FoxView 10.5.) que podría permitir la divulgación, modificación o interrupción no autorizada del servicio cuando se modifica la contraseña sin permiso.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2018-03-08 CVE Reserved
- 2018-12-24 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.schneider-electric.com/en/download/document/SEVD-2018-353-03 | 2020-08-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Schneider-electric Search vendor "Schneider-electric" | Foxboro Dcs Search vendor "Schneider-electric" for product "Foxboro Dcs" | < ccs_9.4 Search vendor "Schneider-electric" for product "Foxboro Dcs" and version " < ccs_9.4" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Foxboro Evo Search vendor "Schneider-electric" for product "Foxboro Evo" | < ccs_9.4 Search vendor "Schneider-electric" for product "Foxboro Evo" and version " < ccs_9.4" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Foxview Search vendor "Schneider-electric" for product "Foxview" | 10.5 Search vendor "Schneider-electric" for product "Foxview" and version "10.5" | - |
Affected
| ||||||
| Schneider-electric Search vendor "Schneider-electric" | Ia Series Search vendor "Schneider-electric" for product "Ia Series" | < ccs_9.4 Search vendor "Schneider-electric" for product "Ia Series" and version " < ccs_9.4" | - |
Affected
| ||||||