Design/Logic Flaw

2020-12-1101:15:00

PRIOn knowledge base

www.prio-n.com

5.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

39.7%

JSON

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.

CPENameOperatorVersion
140noe77111_firmwarelt7.3
bmxnoe0100_firmwarelt3.4
bmxnoe0110_firmwarelt6.6
bmxp341000_firmwarelt3.30
bmxp342000_firmwarelt3.30
bmxp3420102_firmwarelt3.30
bmxp3420102cl_firmwarelt3.30
bmxp342020_firmwarelt3.30
bmxp3420302_firmwarelt3.30
bmxp3420302cl_firmwarelt3.30

Name	Operator	Version
140noe77111_firmware	lt	7.3
bmxnoe0100_firmware	lt	3.4
bmxnoe0110_firmware	lt	6.6
bmxp341000_firmware	lt	3.30
bmxp342000_firmware	lt	3.30
bmxp3420102_firmware	lt	3.30
bmxp3420102cl_firmware	lt	3.30
bmxp342020_firmware	lt	3.30
bmxp3420302_firmware	lt	3.30
bmxp3420302cl_firmware	lt	3.30

References

www.se.com/ww/en/download/document/SEVD-2020-343-06/