Published: 14/07/2021 Updated: 26/07/2021

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N

Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller.

Vulnerable Product	Search on Vulmon	Subscribe to Product
schneider-electric ecostruxure control expert
schneider-electric ecostruxure control expert 15.0
schneider-electric ecostruxure process expert
schneider-electric remoteconnect
schneider-electric modicon_m580_bmep581020_firmware
schneider-electric modicon_m580_bmep581020h_firmware
schneider-electric modicon_m580_bmep582020_firmware
schneider-electric modicon_m580_bmep582020h_firmware
schneider-electric modicon_m580_bmep582040_firmware
schneider-electric modicon_m580_bmep582040h_firmware
schneider-electric modicon_m580_bmep582040s_firmware
schneider-electric modicon_m580_bmep583020_firmware
schneider-electric modicon_m580_bmep583040_firmware
schneider-electric modicon_m580_bmep584020_firmware
schneider-electric modicon_m580_bmep584040_firmware
schneider-electric modicon_m580_bmep584040s_firmware
schneider-electric modicon_m580_bmep585040_firmware
schneider-electric modicon_m580_bmep585040c_firmware
schneider-electric modicon_m580_bmep586040_firmware
schneider-electric modicon_m580_bmep586040c_firmware
schneider-electric modicon_m580_bmeh582040_firmware
schneider-electric modicon_m580_bmeh582040c_firmware
schneider-electric modicon_m580_bmeh582040s_firmware
schneider-electric modicon_m580_bmeh584040_firmware
schneider-electric modicon_m580_bmeh584040c_firmware
schneider-electric modicon_m580_bmeh584040s_firmware
schneider-electric modicon_m580_bmeh586040_firmware
schneider-electric modicon_m580_bmeh586040c_firmware
schneider-electric modicon_m580_bmeh586040s_firmware
schneider-electric modicon_m340_bmxp341000_firmware
schneider-electric modicon_m340_bmxp342010_firmware
schneider-electric modicon_m340_bmxp342020_firmware
schneider-electric modicon_m340_bmxp342030_firmware

The secrets of Schneider Electric’s UMAS protocol

Securelist • Kaspersky ICS CERT • 29 Sep 2022

UMAS (Unified Messaging Application Services) is a proprietary Schneider Electric (SE) protocol used to configure and monitor Schneider Electric PLCs. Schneider Electric controllers that use UMAS include Modicon M580 CPU (part numbers BMEP* and BMEH*) and Modicon M340 CPU (part numbers BMXP34*). Controllers are configured and programmed using engineering software – EcoStruxure™ Control Expert (Unity Pro), EcoStruxure™ Process Expert, etc. In 2020, CVE-2020-28212, a vulnerability affecting ...

CVE-2021-22779

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect