CVE-2017-7574Schneider-electric · Modicon_tm221ce16r_firmware
Vulnerability data via NVD (ingested)
Schneider Electric SoMachine Basic 1.4 SP1 and Schneider Electric Modicon TM221CE16R 1.3.3.3 devices have a hardcoded-key vulnerability. The Project Protection feature is used to prevent unauthorized users from opening an XML protected project file, by prompting the user for a password. This XML file is AES-CBC encrypted; however, the key used for encryption (SoMachineBasicSoMachineBasicSoMa) cannot be changed. After decrypting the XML file with this key, the user password can be found in the decrypted data. After reading the user password, the project can be opened and modified with the Schneider product.
External references
Search for exposed instances
Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).
vuln:CVE-2017-7574os:"Modicon Tm221ce16r Firmware"More intel sources (5)
vuln:CVE-2017-7574vulnerabilities.cve_id: CVE-2017-7574CVE-2017-7574CVE-2017-7574"CVE-2017-7574" exploit -site:nvd.nist.gov