Vulnerability: Privilege Escalation via Fixed Memory Location in Schneider Electric Triconex Tricon MP Model 3008 Firmware Versions 10.0-10.4

Vulnerability: Privilege Escalation via Fixed Memory Location in Schneider Electric Triconex Tricon MP Model 3008 Firmware Versions 10.0-10.4

CVE-2018-7522 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.

Learn more about our Web Application Penetration Testing UK.