Security Advisory
Schneider Electric’s GP Pro Ex
Restrict access to UDP/27127 and TCP/502 on all Schneider Modicon PLCs, and ensure that SoMachine Basic workstations prevent remote access to TCP/27699, and TCP/27700+ (sequential ports dependent upon the number of serial ports that the workstation has available).
Risk Information
affected product:
GP-Pro EX: v4.09.250 and prior
Possible Threat
CVE ID
CVE-2021-22775
ID
CVE-2021-22775
Source
Dragos
Skill Level
N/A
CVSSV3 BASE / TEMPORAL SCORE
N/A
CVSSV3 vector
N/A
Affecting
Vulnerability Type
Uncontrolled Search Path Element
Disclosure Timeline
08/10/2021 - Dragos discloses issue