What is GHSA-m8hv-35c9-8jrx?

GHSA-m8hv-35c9-8jrx is a security advisory published by GitHub Security Advisories with Critical severity. An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon...

Which CVE IDs does GHSA-m8hv-35c9-8jrx cover?

GHSA-m8hv-35c9-8jrx covers the following CVE IDs: CVE-2017-6034. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-m8hv-35c9-8jrx?

GHSA-m8hv-35c9-8jrx has a CVSS v3 base score of 9.8, published by GitHub Security Advisories.

GHSA-m8hv-35c9-8jrxCriticalCVSS 9.8

An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon...

Vendor

GitHub Security Advisories

Published

May 13, 2022

Last Modified

June 5, 2026

🔗 CVE IDs covered (1)

CVE-2017-6034 →

📋 Description

An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2017-6034
https://ics-cert.us-cert.gov/advisories/ICSA-17-101-01
http://www.securityfocus.com/bid/97562
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2017/icsa-17-101-01.json
https://www.se.com/us/en/download/document/SEVD-2017-065-01
https://github.com/advisories/GHSA-m8hv-35c9-8jrx