CVE-2017-6026

CRITICAL

Schneider Electric Modicon PLCs <4.0.5.11 - Info Disclosure

Title source: llm

Description

A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the web application are lacking randomization and are shared between several users. This may allow a current session to be compromised.

Exploits (1)

exploitdb WORKING POC

by Photubias · pythonwebappshardware

https://www.exploit-db.com/exploits/45918

View Code ZIP pw:eip

References (3)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/97254

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSA-17-089-02

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/45918/

Scores

CVSS v3 9.1

EPSS 0.1857

EPSS Percentile 95.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Details

CWE

CWE-330

Status published

Products (3)

n/a/Schneider Electric Modicon PLCs Schneider Electric Modicon PLCs

schneider-electric/modicon_m241_firmware < 4.0.3.20

schneider-electric/modicon_m251_firmware < 4.0.3.20

Published Jun 30, 2017

Tracked Since Feb 18, 2026