Schneider Modicon M340 Default Credentials Network Vulnerability

Summary

The remote Schneider Modicon M340 is prone to a default account authentication bypass vulnerability. This issue may be exploited by a remote attacker to gain access to sensitive information or modify system configuration. It was possible to login as user 'USER' with password 'USER'.

Solution

Change the password.

References

http://dariusfreamon.wordpress.com/2013/12/08/schneider-modicon-m340-for-ethernet-multiple-default-credentials/

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 9.0 AV:N/AC:L/Au:N/C:C/I:P/A:P

Related Vulnerabilities

Siedle Door Controller Default Password
Schneider Modicon M340 Default Credentials
Default password (db2fenc1) for db2fenc1
Default password (ibmdb2) for db2fenc1
F5 Networks BIG-IQ Webinterface Default Credentials

Take action and discover your vulnerabilities