CVE-2020-7533

🗓️ 01 Dec 2020 14:47:02Reported by schneiderType

CVE-2020-7533 CWE-255 Credentials Management vulnerability in Modicon M340, Quantum & Premium Legacy Web Server

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of microprogrammed software in Schneider Electric’s programmable logic controllers such as Modicon M340, Modicon Quantum, and Modicon Premium lies in errors related to register data manipulation, allowing attackers to execute arbitrary commands.	30 Aug 202100:00	–	bdu_fstec
Circl	CVE-2020-7533	1 Dec 202018:54	–	circl
CNNVD	Schneider Electric Various Products Authorization Issues Vulnerabilities	1 Dec 202000:00	–	cnnvd
Cvelist	CVE-2020-7533	1 Dec 202014:47	–	cvelist
NVD	CVE-2020-7533	1 Dec 202015:15	–	nvd
OSV	CVE-2020-7533	1 Dec 202015:15	–	osv
Prion	Design/Logic Flaw	1 Dec 202015:15	–	prion
Positive Technologies	PT-2020-6346 · Schneider Electric · Communication Modules +3	13 Oct 202000:00	–	ptsecurity
RedhatCVE	CVE-2020-7533	9 Jan 202609:59	–	redhatcve
Tenable Nessus	Schneider Electric Modicon Credentials Management Errors (CVE-2020-7533)	29 Jun 202300:00	–	nessus

NVD

Node

schneider-electric modicon_m340_bmxp3420302_firmwareRange<3.20

AND

schneider-electric modicon_m340_bmxp3420302Match-

Node

schneider-electric modicon_m340_bmxp342000_firmwareRange<3.20

AND

schneider-electric modicon_m340_bmxp342000Match-

Node

schneider-electric modicon_m340_bmxp341000_firmwareRange<3.20

AND

schneider-electric modicon_m340_bmxp341000Match-

Node

schneider-electric modicon_m340_bmxp3420102_firmwareRange<3.20

AND

schneider-electric modicon_m340_bmxp3420102Match-

Node

schneider-electric modicon_m340_bmxp3420302_firmwareRange<3.20

AND

schneider-electric modicon_m340_bmxp3420302Match-

Node

schneider-electric bmxnoe0100_firmwareRange<3.3

AND

schneider-electric bmxnoe0100Match-

Node

schneider-electric bmxnoe0110_firmwareRange<6.5

AND

schneider-electric bmxnoe0110Match-

Node

schneider-electric bmxnoc0401_firmwareRange<2.10

AND

schneider-electric bmxnoc0401Match-

Node

schneider-electric tsxp574634_firmwareRange<6.1

AND

schneider-electric tsxp574634Match-

Node

schneider-electric tsxp575634_firmwareRange<6.1

AND

schneider-electric tsxp575634Match-

Node

schneider-electric tsxp576634_firmwareRange<6.1

AND

schneider-electric tsxp576634Match-

Node

schneider-electric tsxety4103_firmwareRange<6.2

AND

schneider-electric tsxety4103Match-

Node

schneider-electric tsxety5103_firmwareRange<6.4

AND

schneider-electric tsxety5103Match-

Node

schneider-electric 140noe77111_firmwareRange<7.1

AND

schneider-electric 140noe77111Match-

Node

schneider-electric 140noc78000_firmwareRange<1.74

AND

schneider-electric 140noc78000Match-

Node

schneider-electric 140noc77101_firmwareRange<1.08

AND

schneider-electric 140noc77101Match-

Node

schneider-electric 140cpu65260_firmwareRange<6.1

AND

schneider-electric 140cpu65260Match-

[
  {
    "defaultStatus": "unaffected",
    "product": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see security notification for version information)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see security notification for version information)"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files
se	www.se.com/ww/en/download/document/SEVD-2020-287-01/

17 Jun 2026 03:24Current

9.8High risk

Vulners AI Score9.8

CVSS 27.5

CVSS 3.19.8

EPSS0.02301

CWE-287