Memory Address Verification Bypass Vulnerability in Schneider Electric Triconex Tricon MP Model 3008 Firmware Versions 10.0-10.4

Memory Address Verification Bypass Vulnerability in Schneider Electric Triconex Tricon MP Model 3008 Firmware Versions 10.0-10.4

CVE-2018-8872 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. Manipulating this data could allow attacker data to be copied anywhere within memory.

Learn more about our Web Application Penetration Testing UK.