Lucene search

K

Tsxp57354m Firmware Security Vulnerabilities

cve
cve

CVE-2018-7241

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.

9.8CVSS

9.4AI Score

0.003EPSS

2018-04-18 08:29 PM
27
cve
cve

CVE-2018-7242

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.

9.8CVSS

9.4AI Score

0.004EPSS

2018-04-18 08:29 PM
40
cve
cve

CVE-2018-7759

A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.

7.5CVSS

7.6AI Score

0.001EPSS

2018-04-18 08:29 PM
30
cve
cve

CVE-2018-7760

An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization.

9.8CVSS

9.3AI Score

0.002EPSS

2018-04-18 08:29 PM
27
cve
cve

CVE-2018-7761

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.

9.8CVSS

9.6AI Score

0.005EPSS

2018-04-18 08:29 PM
32
cve
cve

CVE-2018-7762

A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.

7.5CVSS

7.5AI Score

0.001EPSS

2018-04-18 08:29 PM
22
cve
cve

CVE-2018-7794

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.

7.5CVSS

7.5AI Score

0.001EPSS

2020-01-06 11:15 PM
153
cve
cve

CVE-2019-6856

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when writing specific physical memory blocks using Modbus TCP.

7.5CVSS

7.3AI Score

0.001EPSS

2020-01-06 11:15 PM
136
cve
cve

CVE-2019-6857

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service of the controller when reading specific memory blocks using Mo...

7.5CVSS

7.5AI Score

0.001EPSS

2020-01-06 11:15 PM
136
3