CVE-2017-6034

CRITICAL

Schneider Electric Modicon Modbus Protocol - Authentication Bypass by Capture-Replay via Cleartext Command Transmission

Title source: llm

Description

An authentication bypass by capture-replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.

References (4)

Core 4

Core References

Third Party Advisory, US Government Resource

https://ics-cert.us-cert.gov/advisories/ICSA-17-101-01

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/97562

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2017/icsa-17-101-01.json

View Writeup ZIP pw:eip

https://www.se.com/us/en/download/document/SEVD-2017-065-01/

Scores

CVSS v3 9.8

EPSS 0.0514

EPSS Percentile 91.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-287 CWE-294

Status published

Products (4)

None/Schneider Electric Modicon Modbus Protocol Schneider Electric Modicon Modbus Protocol

n/a/Schneider Electric Modicon Modbus Protocol Schneider Electric Modicon Modbus Protocol

Schneider Electric/Modicon Modbus Protocol all versions

schneider-electric/modbus_firmware

Published Jun 30, 2017

Tracked Since Feb 18, 2026