Schneider Electric Modicon Improper Check for Unusual or Exceptional Conditions (CVE-2020-7542)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...

Siemens EN100 Ethernet Communication Module and SIPROTEC 5 Relays Improper Input Validation (CVE-2018-16563)

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module All versions V4.35, Firmware variant MODBUS TCP for EN100 Ethernet module All versions, Firmware variant DNP3 TCP for EN100 Ethernet module All versions, Firmware variant IEC104 for EN100 Ethernet module A...

Siemens EN100 Ethernet Module Relative Path Traversal (CVE-2019-13944)

A vulnerability has been identified in EN100 Ethernet module DNP3 variant All versions, EN100 Ethernet module IEC 61850 variant All versions V4.37, EN100 Ethernet module IEC104 variant All versions, EN100 Ethernet module Modbus TCP variant All versions, EN100 Ethernet module PROFINET IO variant A...

Schneider Electric Modicon Improper Check for Unusual or Exceptional Conditions (CVE-2020-7543)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...

Siemens SIPROTEC Information Disclosure (CVE-2016-4784)

A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions V1.03; Firmware variant IEC 104...

Schneider Electric Modicon Controllers Uncaught Exception (CVE-2019-6808)

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus. This plugin only works with Tenable.ot...

Schneider Electric Modicon Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2019-6819)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to...

Schneider Electric Modicon Controllers Uncaught Exception (CVE-2018-7856)

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of Service when writing invalid memory blocks to the controller over Modbus. This plugin only works with Tenable.ot. Pleas...

Schneider Electric Modicon Controllers Improper Access Control (CVE-2018-7847)

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service or potential code execution by overwriting configuration settings of the controller over Modbus. This plugin only wor...

Schneider Electric Modicon Controllers Uncaught Exception (CVE-2018-7854)

A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a denial of Service when sending invalid debug parameters to the controller over Modbus. This plugin only works with Tenable.ot. Please visit...

Schneider Electric Modicon Controllers Trust Boundary Violation (CVE-2018-7846)

A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller. This plugi...

Schneider Electric Modicon Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2018-7794)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service when reading data with invalid index using Modbus TCP. This...

Schneider Electric Modicon Controllers Uncaught Exception (CVE-2018-7853)

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading invalid physical memory blocks in the controller over Modbus This plugin only works with Tenable.ot. Please...

Schneider Electric Modicon Controllers Uncaught Exception (CVE-2019-6807)

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing sensitive application variables to the controller over Modbus. This plugin only works with...

Schneider Electric Modicon Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2019-6857)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium see security notification for specific versions which could cause a Denial of Service of the controller when reading specific memory blocks using...

Rockwell Automation MicroLogix 1400 Buffer Copy Without Checking Size of Input (CVE-2021-22659)

Rockwell Automation MicroLogix 1400 Version 21.6 and below may allow a remote unauthenticated attacker to send a specially crafted Modbus packet allowing the attacker to retrieve or modify random values in the register. If successfully exploited, this may lead to a buffer overflow resulting in a...

Schneider Electric Modicon Controllers Exposure of Sensitive Information to an Unauthorized Actor (CVE-2018-7848)

A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading files from the controller over Modbus This plugin only works with Tenable.ot. Please visit...

Schneider Electric Modicon Controllers Out-of-Bounds Read (CVE-2018-7845)

A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of unexpected data from the controller when reading specific memory blocks in the controller over Modbus. This plugin only...

Schneider Electric PowerLogic PM55xx and PowerLogic PM8ECC Improper Authentication (CVE-2021-22764)

A CWE-287: Improper Authentication vulnerability exists in PowerLogic PM55xx, PowerLogic PM8ECC, PowerLogic EGX100 and PowerLogic EGX300 see security notification for version infromation that could cause loss of connectivity to the device via Modbus TCP protocol when an attacker sends a specially...

Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers Buffer Copy Without Checking Size of Input (CVE-2017-16740)

A Buffer Overflow issue was discovered in Rockwell Automation Allen- Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. This plugin only works with Tenable.ot...