CVE-2023-25620

🗓️ 19 Apr 2023 08:17:57Reported by schneiderType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 91 Views

Improper Check for Unusual or Exceptional Conditions vulnerability causing denial of service

Reporter	Title	Published	Views	Family All 10
CNNVD	Schneider Electric Modicon M580 代码问题漏洞	19 Apr 202300:00	–	cnnvd
CNVD	Schneider Electric Modicon M580, Modicon M340 Code Issue Vulnerabilities	17 May 202300:00	–	cnvd
Cvelist	CVE-2023-25620	19 Apr 202308:17	–	cvelist
EUVD	EUVD-2023-29560	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Schneider Electric Modicon components	12 Apr 202300:00	–	ncsc
NVD	CVE-2023-25620	19 Apr 202309:15	–	nvd
Prion	Design/Logic Flaw	19 Apr 202309:15	–	prion
Positive Technologies	PT-2023-2956 · Schneider Electric · Schneider Electric Modicon	11 Apr 202300:00	–	ptsecurity
Tenable Nessus	Schneider Electric Modicon Improper Check for Unusual or Exceptional Conditions (CVE-2023-25620)	16 May 202300:00	–	nessus
Vulnrichment	CVE-2023-25620	19 Apr 202308:17	–	vulnrichment

NVD

Node

schneider-electric modicon_m580_firmwareRange<4.10

AND

schneider-electric modicon_m580Match-

Node

schneider-electric modicon_m340_firmwareRange<3.51

AND

schneider-electric modicon_m340Match-

Node

schneider-electric modicon_momentum_unity_m1e_processor_firmware

AND

schneider-electric modicon_momentum_unity_m1e_processorMatch-

Node

schneider-electric modicon_mc80_firmware

AND

schneider-electric modicon_mc80Match-

Node

schneider-electric 140cpu65_firmware

AND

schneider-electric 140cpu65Match-

Node

schneider-electric tsxp57_firmware

AND

schneider-electric tsxp57Match-

Node

schneider-electric bmep58s_firmware

AND

schneider-electric bmep58sMatch-

Node

schneider-electric bmeh58s_firmware

AND

schneider-electric bmeh58sMatch-

[
  {
    "defaultStatus": "unaffected",
    "product": "Modicon M340 CPU (part numbers BMXP34*) ",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "prior to SV3.51"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "prior to V4.10"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All "
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Modicon Momentum Unity M1E Processor (171CBU*)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Modicon MC80 (BMKC80)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Legacy Modicon Quantum (140CPU65*)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Legacy Modicon Premium CPUs (TSXP57*)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

21 Nov 2024 07:49Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.5

EPSS0.00278

SSVC

CWE-754