Remote Code Execution Vulnerability in Schneider Electric Quantum Ethernet Module
CVE-2011-4861

Currently unrated

Key Information:

Vendor: Schneider Electric
Status: Quantum Ethernet Module 140noe77101; Quantum Ethernet Module 140noe77100; Quantum Ethernet Module 140noe77111
Vendor: CVE Published:; 17 December 2011

Summary

The modbus_125_handler function in Schneider Electric's Quantum Ethernet Module allows unauthorized remote attackers to exploit vulnerabilities via the MODBUS 125 function code. This exploitation can result in the installation of arbitrary firmware updates by connecting to TCP port 502, potentially compromising the integrity and functionality of the affected system.

References

http://reversemode.com/index.php?option=com_content&task=...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Dec 17, 2011