7.8
CVE-2021-22816
- EPSS 0.37%
- Published 28.01.2022 20:15:10
- Last modified 21.11.2024 05:50:43
- Source cybersecurity@se.com
- Teams watchlist Login
- Open Login
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a Denial of Service of the RTU when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server. Affected Products: SCADAPack 312E, 313E, 314E, 330E, 333E, 334E, 337E, 350E and 357E RTUs with firmware V8.18.1 and prior
Data is provided by the National Vulnerability Database (NVD)
Schneider-electric ≫ Scadapack 312e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 313e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 314e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 330e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 333e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 334e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 337e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 350e Firmware Version < 8.19.1
Schneider-electric ≫ Scadapack 357e Firmware Version < 8.19.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.37% | 0.557 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
CWE-754 Improper Check for Unusual or Exceptional Conditions
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.