What the vulnerability does

01Description

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.

Key dates

02Disclosure timeline

May 4, 2018 CVE published
September 17, 2024 Record updated