CVE-2020-7541

🗓️ 11 Dec 2020 00:52:09Reported by schneiderType

Modicon M340, Modicon Quantum, Modicon Premium Web Server CVE-2020-754

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2020-7541	11 Dec 202007:35	–	circl
CNNVD	Multiple Schneider Electric Products Information Disclosure Vulnerabilities	10 Dec 202000:00	–	cnnvd
Cvelist	CVE-2020-7541	11 Dec 202000:52	–	cvelist
NCSC	Vulnerabilities fixed in Schneider Electric equipment	10 Dec 202000:00	–	ncsc
NCSC	Vulnerabilities fixed in Schneider Electric EcoStruxure and Modicon products	12 Aug 202100:00	–	ncsc
NVD	CVE-2020-7541	11 Dec 202001:15	–	nvd
Prion	Spoofing	11 Dec 202001:15	–	prion
Positive Technologies	PT-2013-1323 · Schneider Electric · Modicon M340 +2	15 May 201300:00	–	ptsecurity
RedhatCVE	CVE-2020-7541	9 Jan 202610:00	–	redhatcve
Tenable Nessus	Schneider Electric Modicon Forced Browsing (CVE-2020-7541)	29 Jun 202300:00	–	nessus

NVD

Node

schneider-electric modicon_m340_bmxp341000_firmwareRange<3.30

AND

schneider-electric modicon_m340_bmxp341000Match-

Node

schneider-electric modicon_m340_bmxp342000_firmwareRange<3.30

AND

schneider-electric modicon_m340_bmxp342000Match-

Node

schneider-electric modicon_m340_bmxp3420102_firmwareRange<3.30

AND

schneider-electric modicon_m340_bmxp3420102Match-

Node

schneider-electric modicon_m340_bmxp3420102cl_firmwareRange<3.30

AND

schneider-electric modicon_m340_bmxp3420102clMatch-

Node

schneider-electric modicon_m340_bmxp342020_firmwareRange<3.30

AND

schneider-electric modicon_m340_bmxp342020Match-

Node

schneider-electric modicon_m340_bmxp3420302_firmwareRange<3.30

AND

schneider-electric modicon_m340_bmxp3420302Match-

Node

schneider-electric modicon_m340_bmxp3420302cl_firmwareRange<3.30

AND

schneider-electric modicon_m340_bmxp3420302clMatch-

Node

schneider-electric bmxnoe0100_firmwareRange<3.3

AND

schneider-electric bmxnoe0100Match-

Node

schneider-electric bmxnoe0110_firmwareRange<6.5

AND

schneider-electric bmxnoe0110Match-

Node

schneider-electric bmxnoc0401_firmwareRange<2.10

AND

schneider-electric bmxnoc0401Match-

Node

schneider-electric tsxp574634_firmwareRange<6.1

AND

schneider-electric tsxp574634Match-

Node

schneider-electric tsxp575634_firmwareRange<6.1

AND

schneider-electric tsxp575634Match-

Node

schneider-electric tsxp576634_firmwareRange<6.1

AND

schneider-electric tsxp576634Match-

Node

schneider-electric tsxety4103_firmwareRange<6.2

AND

schneider-electric tsxety4103Match-

Node

schneider-electric tsxety5103_firmwareRange<6.4

AND

schneider-electric tsxety5103Match-

Node

schneider-electric 140cpu65150_firmwareRange<6.1

AND

schneider-electric 140cpu65150Match-

Node

schneider-electric 140noe77111_firmwareRange<7.1

AND

schneider-electric 140noe77111Match-

Node

schneider-electric 140noc78100_firmwareRange<1.74

AND

schneider-electric 140noc78100Match-

Node

schneider-electric 140noc78000_firmwareRange<1.74

AND

schneider-electric 140noc78000Match-

Node

schneider-electric 140noc77101_firmwareRange<1.08

AND

schneider-electric 140noc77101Match-

[
  {
    "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
      }
    ]
  }
]

Source	Link
se	www.se.com/ww/en/download/document/SEVD-2020-343-03/

21 Nov 2024 05:37Current

5.2Medium risk

Vulners AI Score5.2

CVSS 25

CVSS 3.15.3

EPSS0.00311

CWE-425