CVE-2021-22747

Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22745, and CVE-2021-22746.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.9 LOW
PHYSICAL
LOW
HIGH
CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
schneiderCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
VendorProductVersion
schneider-electrictriconex_model_3009_mp_firmware
11.3.0 ≤
𝑥
< 11.8.0
schneider-electrictcm_4351b_firmware
11.3.0 ≤
𝑥
< 11.5.1
schneider-electrictcm_4351b_firmware
11.7.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03