CVE-2018-7760 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	9.8 CRITICAL	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
schneider	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 36%

Vendor	Product	Version
schneider-electric	bmxnor0200_firmware	-
schneider-electric	bmxnor0200h_firmware	-
schneider-electric	140cpu65150_firmware	-
schneider-electric	140cpu31110_firmware	-
schneider-electric	140cpu43412u_firmware	-
schneider-electric	140cpu65160_firmware	-
schneider-electric	140cpu65260_firmware	-
schneider-electric	140cpu65860_firmware	-
schneider-electric	140cpu65160s_firmware	-
schneider-electric	140cpu65150c_firmware	-
schneider-electric	140cpu31110c_firmware	-
schneider-electric	140cpu43412uc_firmware	-
schneider-electric	140cpu65160c_firmware	-
schneider-electric	140cpu65160c_firmware	-
schneider-electric	140cpu65260c_firmware	-
schneider-electric	140cpu65860c_firmware	-
schneider-electric	modicon_m340_bmxp341000_firmware	-
schneider-electric	modicon_m340_bmxp342000_firmware	-
schneider-electric	modicon_m340_bmxp3420102_firmware	-
schneider-electric	modicon_m340_bmxp3420102cl_firmware	-
schneider-electric	modicon_m340_bmxp342020_firmware	-
schneider-electric	modicon_m340_bmxp3420302_firmware	-
schneider-electric	modicon_m340_bmxp3420302cl_firmware	-
schneider-electric	modicon_m340_bmxp3420302h_firmware	-
schneider-electric	modicon_m340_bmxp342020h_firmware	-
schneider-electric	modicon_m340_bmxp341000h_firmware	-
schneider-electric	tsxh5724m_firmware	-
schneider-electric	tsxh5744m_firmware	-
schneider-electric	tsxp57104m_firmware	-
schneider-electric	tsxp57154m_firmware	-
schneider-electric	tsxp571634m_firmware	-
schneider-electric	tsxp57204m_firmware	-
schneider-electric	tsxp57254m_firmware	-
schneider-electric	tsxp572634m_firmware	-
schneider-electric	tsxp57304m_firmware	-
schneider-electric	tsxp57354m_firmware	-
schneider-electric	tsxp573634m_firmware	-
schneider-electric	tsxp57454m_firmware	-
schneider-electric	tsxp574634m_firmware	-
schneider-electric	tsxp575634m_firmware	-
schneider-electric	tsxp576634m_firmware	-
schneider-electric	tsxh5724mc_firmware	-
schneider-electric	tsxh5744mc_firmware	-
schneider-electric	tsxp57104mc_firmware	-
schneider-electric	tsxp57154mc_firmware	-
schneider-electric	tsxp571634mc_firmware	-
schneider-electric	tsxp57204mc_firmware	-
schneider-electric	tsxp57254mc_firmware	-
schneider-electric	tsxp572634mc_firmware	-
schneider-electric	tsxp57304mc_firmware	-
schneider-electric	tsxp57354mc_firmware	-
schneider-electric	tsxp573634mc_firmware	-
schneider-electric	tsxp57454mc_firmware	-
schneider-electric	tsxp574634mc_firmware	-
schneider-electric	tsxp57554mc_firmware	-
schneider-electric	tsxp575634mc_firmware	-
schneider-electric	tsxp576634mc_firmware	-
schneider-electric	tsxh5724m_firmware	-
schneider-electric	tsxh5744mc_firmware	-
schneider-electric	tsxp57554m_firmware	-

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-287 - Improper Authentication
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

References

https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/