An Information Management Error vulnerability exists in Schneider Electric’s Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.
CWE-294
CVE-2018-7356
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections.
CVE-2018-19025
In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending …9A, …9B, …9C, etc.).
CVE-2018-17935
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent “stop” state.
CVE-2018-17932
JUUKO K-800 (Firmware versions prior to numbers ending …9A, …9B, …9C, etc.) is vulnerable to a replay attack and command forgery, which could allow attackers to replay commands, control the device, view commands, or cause the device to stop running.
CVE-2018-17903
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery.