Schneider Electric Modicon M221: Rainbow Table Password Decoding Vulnerability

Schneider Electric Modicon M221: Rainbow Table Password Decoding Vulnerability

CVE-2018-7792 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table.

Learn more about our User Device Pen Test.