A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a Denial of Service of the RTU when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server. Affected Products: SCADAPack 312E, 313E, 314E, 330E, 333E, 334E, 337E, 350E and 357E RTUs with firmware V8.18.1 and prior
References
Link | Resource |
---|---|
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-01 | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
History
03 Feb 2022, 13:31
Type | Values Removed | Values Added |
---|---|---|
First Time |
Schneider-electric scadapack 357e Firmware
Schneider-electric scadapack 337e Schneider-electric scadapack 312e Firmware Schneider-electric scadapack 350e Schneider-electric scadapack 334e Firmware Schneider-electric scadapack 314e Schneider-electric scadapack 314e Firmware Schneider-electric scadapack 357e Schneider-electric scadapack 330e Firmware Schneider-electric Schneider-electric scadapack 313e Firmware Schneider-electric scadapack 333e Schneider-electric scadapack 337e Firmware Schneider-electric scadapack 350e Firmware Schneider-electric scadapack 333e Firmware Schneider-electric scadapack 334e Schneider-electric scadapack 330e Schneider-electric scadapack 313e Schneider-electric scadapack 312e |
|
CPE | cpe:2.3:h:schneider-electric:scadapack_330e:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_334e:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_337e:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_333e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_357e:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_313e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_333e:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_314e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_312e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_337e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_313e:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_312e:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_330e_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_314e:-:*:*:*:*:*:*:* cpe:2.3:h:schneider-electric:scadapack_350e:-:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_357e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_334e_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:schneider-electric:scadapack_350e_firmware:*:*:*:*:*:*:*:* |
|
References | (MISC) https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-313-01 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 7.8
v3 : 7.5 |
CWE | CWE-754 |
28 Jan 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
CWE |
28 Jan 2022, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-01-28 20:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-22816
Mitre link : CVE-2021-22816
CVE.ORG link : CVE-2021-22816
JSON object : View
Products Affected
schneider-electric
- scadapack_350e
- scadapack_337e
- scadapack_312e_firmware
- scadapack_313e_firmware
- scadapack_337e_firmware
- scadapack_313e
- scadapack_312e
- scadapack_314e
- scadapack_330e
- scadapack_350e_firmware
- scadapack_357e
- scadapack_333e_firmware
- scadapack_330e_firmware
- scadapack_334e_firmware
- scadapack_333e
- scadapack_357e_firmware
- scadapack_334e
- scadapack_314e_firmware
CWE
CWE-754
Improper Check for Unusual or Exceptional Conditions