CVE-2018-7803

EPSS 0.19%
Veröffentlicht 22.05.2019 21:29:00
Zuletzt bearbeitet 21.11.2024 04:12:45
Quelle cybersecurity@se.com
Teams Watchlist Login
Unerledigt Login

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TriStation Emulator V1.2.0, which could cause the emulator to crash when sending a specially crafted packet. The emulator is used infrequently for application logic testing. It is susceptible to an attack only while running in off-line mode. This vulnerability does not exist in Triconex hardware products and therefore has no effect on the operating safety functions in a plant.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Schneider-electric ≫ Triconex Tristation Emulator Version1.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.375

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.9	2.2	3.6	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

https://www.schneider-electric.com/ww/en/download/document/SEVD-2019-071-03

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2018-7803

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2018-7803

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2018-7803

EUVD