ICSA-18-086-01
·
Published 2018-03-27
·
View on CISA ICS-CERT ↗
Schneider Electric Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200
CVSS 5.9
MEDIUM
Risk Summary
ATTENTION: Exploitable remotely/low skill level to exploit.
CVEs (3)
Remediations
- Schneider Electric recommends that users follow the instructions outlined in the Modicon Controllers Platform - Cyber Security, Reference Manual to install Modicon PLCs securely.
- Schneider Electric also recommends that affected users disable FTP services on the device during times when maintenance or configuration activities are not needed.
- For more information please see Schneider Electric's security notification SEVD-2018-081-01
Affected Vendors
Schneider Electric Software, LLC
Affected Products (4)
Schneider Electric Software, LLC
·
Modicon Premium
vers:all/*
Schneider Electric Software, LLC
·
Modicon Quantum
vers:all/*
Schneider Electric Software, LLC
·
Modicon M340
vers:all/*
Schneider Electric Software, LLC
·
Modicon X80 RTU (BMXNOR0200H)
vers:all/*
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more