CVE-2018-7822
Summary
| CVE | CVE-2018-7822 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-05-22 20:29:00 UTC |
| Updated | 2022-01-31 20:47:00 UTC |
| Description | An Incorrect Default Permissions (CWE-276) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which could cause unauthorized access to SoMachine Basic resource files when logged on the system hosting SoMachine Basic. |
Risk And Classification
Problem Types: CWE-276
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Schneider-electric | Modicon M221 | - | All | All | All |
| Hardware | Schneider-electric | Modicon M221 | - | All | All | All |
| Operating System | Schneider-electric | Modicon M221 Firmware | All | All | All | All |
| Operating System | Schneider-electric | Modicon M221 Firmware | All | All | All | All |
| Application | Schneider-electric | Somachine Basic | All | All | All | All |
| Application | Schneider-electric | Somachine Basic | All | All | All | All |
| Hardware | Se | Modicon M221 | - | All | All | All |
| Operating System | Se | Modicon M221 Firmware | All | All | All | All |
| Application | Se | Somachine Basic | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Security Notification - Modicon M221 | Schneider Electric | MISC | www.schneider-electric.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 591089 Schneider Electric Modicon M221 Multiple Vulnerabilities (SEVD-2019-045-01)