Vulnerabilities (CVE)

Filtered by vendor Schneider-electric Subscribe
Filtered by product Triconex Tricon Mp 3008
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-8872 1 Schneider-electric 2 Triconex Tricon Mp 3008, Triconex Tricon Mp 3008 Firmware 2024-02-04 9.3 HIGH 8.1 HIGH
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. Manipulating this data could allow attacker data to be copied anywhere within memory.
CVE-2018-7522 1 Schneider-electric 2 Triconex Tricon Mp 3008, Triconex Tricon Mp 3008 Firmware 2024-02-04 7.2 HIGH 6.7 MEDIUM
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.