多芬诺针对.DG

当前页面：首页 中心 业界动态 多芬诺针对Schneider Quantum PLC漏洞推出解决方案

据US-CERT（美国计算机应急响应小组）SB11- 60和SB 7公告称，schneider-electric的quantum 以太模块和PLC存在着漏洞，部分公告内容如下：

Bulletin (SB11- 60)

Vulnerability Summary for the Week of December 19, 2011

Primary Vendor -- Product

Description

Published

CVSS Score

Source Patch Info

schneider-electric -- m 40_ethernet_module_bmxnoe0100 The Schneider Electric Quantum Ethernet Module, as used in the Quantum 140NOE771* and 140CPU65* modules, the Premium TSXETY* and TSXP57* modules, the M 40 BMXNOE01* and BMXP 420* modules, and the STB DIO STBNIC2212 and STBNIP2* modules, uses hardcoded passwords for the (1) AUTCSE, (2) AUT_CSE, ( ) fdrusers, (4) ftpuser, (5) loader, (6) nic2212, (7) nimrohs2212, (8) nip2212, (9) noe77111_v500, (10) ntpupdate, (11) pcfactory, (12) sysdiag, (1 ) target, (14) test, (15) USER, and (16) webserver accounts, which makes it easier for remote attackers to obtain access via the (a) TELNET, (b) Windriver Debug, or (c) FTP port. 10.0 CVE- schneider-electric -- quantum_ethernet_module_140noe77100 The Compute Password function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) generates the password for the fwupgrade account by performing a calculation on the MAC address, which makes it easier for remote attackers to obtain access via a (1) ARP request message or (2) Neighbor Solicitation message. 10.0 CVE- schneider-electric -- quantum_ethernet_module_140noe77100 The modbus_125_handler function in the Schneider Electric Quantum Ethernet Module on the NOE 771 device (aka the Quantum 140NOE771* module) allows remote attackers to install arbitrary firmware updates via a MODBUS 125 function code to TCP port 502. 10.0 CVE- Bulletin (SB 7)

改行Vulnerability Summary for the Week of January 0, 2012

Primary Vendor -- Product

Description

Published

CVSS Score

Source Patch Info

schneider-electric -- modicon_quantum_plc Multiple buffer overflows in Schneider Electric Modicon Quantum PLC allow remote attackers to cause a denial of service via malformed requests to the (1) FTP server or (2) HTTP server. 7.8 CVE- schneider-electric -- modicon_quantum_plc Schneider Electric Modicon Quantum PLC does not perform authentication between the Unity software and PLC, which allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. 7.8 CVE- 1 schneider-electric -- modicon_quantum_plc Cross-site scripting (XSS) vulnerability in Schneider Electric Modicon Quantum PLC allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 4. CVE- 0 多芬诺公司针对此漏洞推出相应的解决方案（点击查看），该方案能对Modbus协议内容进行深度检查，从Modbus的设备地址、功能码、寄存器地址等方面提供对Modbus协议通讯的全面防护。