CVE-2024-12142

🗓️ 17 Jan 2025 10:19:11Reported by schneiderType

Vulnerability could lead to information disclosure, web page modification, and denial of service.

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2024-12142	17 Jan 202510:22	–	circl
CNNVD	Schneider Electric Modicon M340 信息泄露漏洞	17 Jan 202500:00	–	cnnvd
Cvelist	CVE-2024-12142	17 Jan 202510:19	–	cvelist
EUVD	EUVD-2024-50625	3 Oct 202520:07	–	euvd
ICS	Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H	14 Jan 202500:00	–	ics
NCSC	Vulnerabilities fixed in Schneider Electric Modicon	16 Jan 202511:46	–	ncsc
NVD	CVE-2024-12142	17 Jan 202511:15	–	nvd
Positive Technologies	PT-2024-10144 · Schneider Electric · Bmxnoe0100 +3	4 Dec 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-12142	5 Feb 202510:24	–	redhatcve
Tenable Nessus	Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H Exposure of Sensitive Information to an Unauthorized Actor (CVE-2024-12142)	18 Feb 202500:00	–	nessus

[
  {
    "defaultStatus": "unaffected",
    "product": "Modicon M340 processors (part numbers BMXP34*)",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "BMXNOE0100",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "BMXNOE0110",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "All Versions"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "BMXNOR0200H",
    "vendor": "Schneider Electric",
    "versions": [
      {
        "status": "affected",
        "version": "Versions prior to SV1.70IR26"
      }
    ]
  }
]

Source	Link
download	www.download.schneider-electric.com/files

15 Apr 2026 00:35Current

8.2High risk

Vulners AI Score8.2

CVSS 3.18.6

CVSS 48.8

EPSS0.00165

SSVC

CWE-200

cve-2024-12142 cwe-200 information disclosure web page modification denial of service