Design/Logic Flaw

2017-06-3003:29:00

PRIOn knowledge base

www.prio-n.com

0.004 Low

EPSS

Percentile

73.0%

JSON

A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover.

CPENameOperatorVersion
bmxnoc0401_firmwareeq2.8
bmxnoe0100_firmwareeq2.8
bmxnoe0110_firmwareeq2.8
bmxnoe0110h_firmwareeq2.8
bmxnor0200h_firmwareeq2.8
bmxp341000_firmwareeq2.8
bmxp342000_firmwareeq2.8
bmxp3420102_firmwareeq2.8
bmxp3420102cl_firmwareeq2.8
bmxp342020_firmwareeq2.8

Name	Operator	Version
bmxnoc0401_firmware	eq	2.8
bmxnoe0100_firmware	eq	2.8
bmxnoe0110_firmware	eq	2.8
bmxnoe0110h_firmware	eq	2.8
bmxnor0200h_firmware	eq	2.8
bmxp341000_firmware	eq	2.8
bmxp342000_firmware	eq	2.8
bmxp3420102_firmware	eq	2.8
bmxp3420102cl_firmware	eq	2.8
bmxp342020_firmware	eq	2.8