Detections
Analytics

Schneider Electric Modicon Controllers Use of Insufficiently Random Values (CVE-2019-6821)

medium Tenable OT Security Plugin ID 500068

Synopsis

The remote OT asset is affected by a vulnerability.

Description

CWE-330: Use of Insufficiently Random Values vulnerability, which could cause the hijacking of the TCP connection when using Ethernet communication in Modicon M580 firmware versions prior to V2.30, and all firmware versions of Modicon M340, Modicon Premium, Modicon Quantum.

This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.

Solution

The following text was originally created by the Cybersecurity and Infrastructure Security Agency (CISA). The original can be found at CISA.gov.

Schneider Electric reports the following mitigations:

- Modicon M580 firmware Version 2.80 is available for download. For more information see Schneider Electric advisory SEVD-2019-134-03
- Modicon M340: currently, no fix is available.
- Schneider Electric recommends that affected users set up network segmentation and implement a firewall to block all remote/external access to TCP ports.
 - Configure the Access Control List following the recommendations of the user manual “Modicon M340 for Ethernet Communications Modules and Processors User Manual,” in the chapter titled “Messaging Configuration Parameters,” which is available here: https://download.schneiderelectric.com/files?p_enDocType=User+guide&p_File_Name=31007131_K01_000_16.pdf& p_Doc_Ref=31007131K01000
- Modicon Premium and Modicon Quantum
- Set up network segmentation and implement a firewall to block all unauthorized access to all TCP ports.

In December 2018, Schneider Electric reported that the Modicon Premium and Quantum controllers reached the End of Commercialization life cycle. For more information, please see Schneider Electric advisory SEVD-2019-134-03

See Also

http://www.securityfocus.com/bid/108366

https://ics-cert.us-cert.gov/advisories/ICSA-19-136-01

http://www.nessus.org/u?eb79ea26

Plugin Details

Severity: Medium

ID: 500068

Version: 1.8

Type: remote

Family: Tenable.ot

Published: 2/7/2022

Updated: 3/4/2024

Supported Sensors: Tenable OT Security

Risk Information

VPR

Risk Factor: Low

Score: 2.5

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2019-6821

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:schneider-electric:modicon_m580_series_firmware, cpe:/o:schneider-electric:modicon_quantum_firmware, cpe:/o:schneider-electric:modicon_premium_firmware

Required KB Items: Tenable.ot/Schneider

Exploit Ease: No known exploits are available

Patch Publication Date: 5/22/2019

Vulnerability Publication Date: 5/22/2019

Reference Information

CVE: CVE-2019-6821

CWE: 330