Vulnerabilities > CVE-2020-7566 - Small Space of Random Values vulnerability in Schneider-Electric Modicon M221 Firmware

047910
CVSS 4.3 - MEDIUM
Attack vector
ADJACENT_NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE

Summary

A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller.

Vulnerable Configurations

Part Description Count
OS
Schneider-Electric
1
Hardware
Schneider-Electric
1

Common Weakness Enumeration (CWE)