CVE-2018-7790 - Vulnerability Details - OpenCVE

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Schneider-electric	Modicon M221 Modicon M221 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/105182
https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/

History

Fri, 29 May 2026 14:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: schneider

Published: 2018-08-29T21:00:00.000Z

Updated: 2026-05-29T13:55:56.843Z

Reserved: 2018-03-08T00:00:00.000Z

Link: CVE-2018-7790

Vulnrichment

Updated: 2024-08-05T06:37:59.565Z

NVD

Status : Modified

Published: 2018-08-29T21:29:01.070

Modified: 2026-05-29T15:16:16.280

Link: CVE-2018-7790

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Modicon M221, all references, all versions prior to firmware V1.6.2.0", "vendor": "Schneider Electric SE", "versions": [{"status": "affected", "version": "Modicon M221, all references, all versions prior to firmware V1.6.2.0"}]}], "datePublic": "2018-08-22T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."}], "problemTypes": [{"descriptions": [{"description": "Information Management Error", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-08-31T09:57:01.000Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider"}, "references": [{"name": "105182", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105182"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@schneider-electric.com", "DATE_PUBLIC": "2018-08-22T00:00:00", "ID": "CVE-2018-7790", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Modicon M221, all references, all versions prior to firmware V1.6.2.0", "version": {"version_data": [{"version_value": "Modicon M221, all references, all versions prior to firmware V1.6.2.0"}]}}]}, "vendor_name": "Schneider Electric SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Management Error"}]}]}, "references": {"reference_data": [{"name": "105182", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105182"}, {"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/", "refsource": "CONFIRM", "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:37:59.565Z"}, "title": "CVE Program Container", "references": [{"name": "105182", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105182"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-294", "lang": "en", "description": "CWE-294 Authentication Bypass by Capture-replay"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-05-29T13:52:53.696411Z", "id": "CVE-2018-7790", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-29T13:55:56.843Z"}}]}, "cveMetadata": {"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2018-7790", "datePublished": "2018-08-29T21:00:00.000Z", "dateReserved": "2018-03-08T00:00:00.000Z", "dateUpdated": "2026-05-29T13:55:56.843Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.2"}

{"containers": {"cna": {"affected": [{"product": "Modicon M221, all references, all versions prior to firmware V1.6.2.0", "vendor": "Schneider Electric SE", "versions": [{"status": "affected", "version": "Modicon M221, all references, all versions prior to firmware V1.6.2.0"}]}], "datePublic": "2018-08-22T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."}], "problemTypes": [{"descriptions": [{"description": "Information Management Error", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-08-31T09:57:01.000Z", "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "shortName": "schneider"}, "references": [{"name": "105182", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/105182"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cybersecurity@schneider-electric.com", "DATE_PUBLIC": "2018-08-22T00:00:00", "ID": "CVE-2018-7790", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Modicon M221, all references, all versions prior to firmware V1.6.2.0", "version": {"version_data": [{"version_value": "Modicon M221, all references, all versions prior to firmware V1.6.2.0"}]}}]}, "vendor_name": "Schneider Electric SE"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Information Management Error"}]}]}, "references": {"reference_data": [{"name": "105182", "refsource": "BID", "url": "http://www.securityfocus.com/bid/105182"}, {"name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/", "refsource": "CONFIRM", "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T06:37:59.565Z"}, "title": "CVE Program Container", "references": [{"name": "105182", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/105182"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2018-7790", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-29T13:52:53.696411Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-294", "description": "CWE-294 Authentication Bypass by Capture-replay"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-29T13:53:22.213Z"}}]}, "cveMetadata": {"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb", "assignerShortName": "schneider", "cveId": "CVE-2018-7790", "datePublished": "2018-08-29T21:00:00.000Z", "dateReserved": "2018-03-08T00:00:00.000Z", "dateUpdated": "2026-05-29T13:55:56.843Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:schneider-electric:modicon_m221_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "55D26878-E5EB-4537-A252-34B3EBB758CC", "versionEndExcluding": "1.6.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:schneider-electric:modicon_m221:-:*:*:*:*:*:*:*", "matchCriteriaId": "BB0D83F4-B718-47AB-AFB8-B576CB138AAC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC."}, {"lang": "es", "value": "Existe una vulnerabilidad de error de gesti\u00f3n de informaci\u00f3n en el producto Modicon M221, de Schneider Electric (todas las referencias y todas las versiones anteriores al firmware V1.6.2.0). La vulnerabilidad permite que usuarios no autorizados reproduzcan secuencias de autenticaci\u00f3n. Si un atacante explota la vulnerabilidad y se conecta a Modicon M221, el atacante puede subir el programa original desde el PLC."}], "id": "CVE-2018-7790", "lastModified": "2026-05-29T15:16:16.280", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2018-08-29T21:29:01.070", "references": [{"source": "cybersecurity@se.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105182"}, {"source": "cybersecurity@se.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/105182"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/"}], "sourceIdentifier": "cybersecurity@se.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-294"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-294"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}