What is CVE-2017-6030?

CVE-2017-6030 is a medium-severity vulnerability in Schneider Electric Modicon M221, classified under CWE-343. CVSS score: 6.5/10. Published 2017-06-30.

How severe is CVE-2017-6030?

Medium severity. CVSS v3 base score is 6.5 out of 10.

Is CVE-2017-6030 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Schneider Electric Modicon M221

CVE-2017-6030

A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0, Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, f…

EPSS: 0.005 (67.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L.

Affected products

Schneider Electric Modicon M221 — versions 0
Schneider Electric Modicon M241 — versions 0
Schneider Electric Modicon M251 — versions 0
Schneider-electric Modicon_m221
Schneider-electric Modicon_m221_firmware
Schneider-electric Modicon_m241
Schneider-electric Modicon_m241_firmware
Schneider-electric Modicon_m251
Schneider-electric Modicon_m251_firmware
N/a Schneider Electric Modicon Plcs — versions Schneider Electric Modicon PLCs

Weakness classification (CWE)

Public proof-of-concept exploits

n0-traces/cve_

References

ics-cert@hq.dhs.gov (US Government Resource, Third Party Advisory, x_refsource_MISC)
ics-cert@hq.dhs.gov (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)
ics-cert@hq.dhs.gov

Frequently asked questions

What is CVE-2017-6030?: CVE-2017-6030 is a medium-severity vulnerability in Schneider Electric Modicon M221, classified under CWE-343. CVSS score: 6.5/10. Published 2017-06-30.
How severe is CVE-2017-6030?: Medium severity. CVSS v3 base score is 6.5 out of 10.
Is CVE-2017-6030 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.