GCVE - cpe:2.3:a:schneider_electric_se:modicon_m221,_all_references,_all_versions_prior_to_firmware

Approved changes feed: RSS · Atom

cpe:2.3:a:schneider_electric_se:modicon_m221,_all_references,_all_versions_prior_to_firmware_v1.6.2.0:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Schneider Electric Se (`25d1a66d-bfb8-5d1c-9a6c-4a2405fe5386`)
Product	Modicon M221, All References, All Versions Prior To Firmware V1.6.2.0 (`1c8f65b0-31f6-5326-9783-348639b852c2`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2018-7792`	vulnerable	2026-06-03 14:39:07.395470	Details available A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table. Published: 2018-08-29T21:00:00.000Z Updated: 2026-05-29T14:03:17.593Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/105182 https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-7791`	vulnerable	2026-06-03 14:39:07.395141	Details available A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an attacker exploits this vulnerability and overwrite the password, the attacker can upload the original program from the PLC. Published: 2018-08-29T21:00:00.000Z Updated: 2026-05-29T13:59:17.157Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/105182 https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-7790`	vulnerable	2026-06-03 14:39:07.394779	Details available An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC. Published: 2018-08-29T21:00:00.000Z Updated: 2026-05-29T13:55:56.843Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/105182 https://www.schneider-electric.com/en/download/document/SEVD-2018-235-01/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2018-7789`	vulnerable	2026-06-03 14:39:07.393287	Details available An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programing protocol frames. Published: 2018-08-29T20:00:00.000Z Updated: 2026-05-29T13:50:59.507Z Open on db.gcve.eu Reference links https://ics-cert.us-cert.gov/advisories/ICSA-18-240-02 https://www.schneider-electric.com/en/download/document/SEVD-2018-233-01/ http://www.securityfocus.com/bid/105171	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Modicon M221, All References, All Versions Prior To Firmware V1.6.2.0

PURL mappings

Vulnerability references

Contribute