VDB
ICSA-20-343-04
ICSA-20-343-04
PUBLISHED
CVSS 7.099999904632568 HIGH
Successful exploitation of these vulnerabilities could allow an attacker to take control over the PLC and gain unauthorized access, which could result in exposure of sensitive information.
Risk Scores
CVSS v3.1
7.099999904632568
CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Modicon M221: All versions |
Timeline
- Dec 8, 2020 CVE Published
References
- https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2020/icsa-20-343-04.json advisory
- https://www.cisa.gov/news-events/ics-advisories/icsa-20-343-04 advisory
- https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf url
- https://us-cert.cisa.gov/ics/tips/ICS-TIP-12-146-01B url
- https://us-cert.cisa.gov/ncas/tips/ST04-014 url
- https://www.se.com/us/en/download/document/7EN52-0390/ fix
- https://www.se.com/ww/en/download/document/SEVD-2020-315-05/ fix