Design/Logic Flaw

2022-07-1321:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.5%

JSON

A CWE-835: Loop with Unreachable Exit Condition (‘Infinite Loop’) vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

CPENameOperatorVersion
opc_ua_module_for_m580_firmwarele1.10
x80_advanced_rtu_module_firmwareeq1.0

CPE	Name	Operator	Version
	opc_ua_module_for_m580_firmware	le	1.10
	x80_advanced_rtu_module_firmware	eq	1.0

References

download.schneider-electric.com/files?p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-193-01_OPC_UA_X80_Advanced_RTU_Modicon_Communication_Modules+_Security_Notification.pdf