Schneider Electric Modicon Controllers Uncaught Exception (CVE-2018-7849)

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus. This plugin only works with...

Schneider Electric Modicon Controllers Uncaught Exception (CVE-2018-7853)

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading invalid physical memory blocks in the controller over Modbus This plugin only works with Tenable.ot. Please...

Schneider Electric Modicon Controllers Uncaught Exception (CVE-2019-6808)

A CWE-284: Improper Access Control vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a remote code execution by overwriting configuration settings of the controller over Modbus. This plugin only works with Tenable.ot...

CVE-2022-22724

A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 HTTP and 502 Modbus, when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. Affected Product: Modicon M340 CPUs: BMXP34 All Versions...

CVE-2021-21964

A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2021-21964

A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

Denial of service

A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2022-22724

CVE-2022-22724 affects Schneider Electric Modicon M340 BMXP34 controllers (all versions). The root cause is CWE-400 Uncontrolled Resource Consumption, enabling a denial of service by flooding TCP ports 80 (HTTP) and 502 (Modbus) with a large number of RST/FIN packets to any open TCP port. Documen...

CVE-2022-22724

A CWE-400: Uncontrolled Resource Consumption vulnerability exists that could cause a denial of service on ports 80 HTTP and 502 Modbus, when sending a large number of TCP RST or FIN packets to any open TCP port of the PLC. Affected Product: Modicon M340 CPUs: BMXP34 All Versions...

CVE-2021-21964

A denial of service vulnerability exists in the Modbus configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability...

CVE-2021-21964

SeaConnect 370W v1.3.34 is affected by CVE-2021-21964. TALOS details two denial-of-service vectors in Modbus/SeaMAX Remote Configuration: unauthenticated Modbus over TCP (port 502) and SeaMAX API over UDP (port 30718). An attacker can remotely trigger reboot or alter configuration through crafted...

PT-2022-9218 · Unknown · Seaconnect 370W

Name of the Vulnerable Software and Affected Versions: SeaConnect 370W version 1.3.34 Description: A denial of service issue exists in the Modbus configuration functionality. Specially-crafted network packets can cause a denial of service. An attacker can send a malicious packet to trigger this...

Schneider Electric Modicon M340 资源管理错误漏洞

Schneider Electric Modicon M340 is a mid-range PLC programmable logic controller for industrial processes and infrastructure from Schneider Electric, France. The vulnerability can be exploited to send a large number of TCP RST or FIN packets to any open TCP port of the PLC, resulting in a denial ...

Sealevel Systems, Inc. SeaConnect 370W Modbus/SeaMAX Remote Configuration denial of service vulnerabilities

Summary Two denial of service vulnerabilities exist in the Modbus/SeaMAX Remote Configuration functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. Specially-crafted network packets can lead to denial of service. An attacker can send a malicious packet to trigger these vulnerabilities...

Sealevel Systems, Inc. SeaConnect 370W OTA update task file overwrite vulnerability

Summary A file write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to arbitrary file overwrite. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. Tested Version...

CVE-2021-22816

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a Denial of Service of the RTU when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server. Affected Products: SCADAPack 312E, 313E, 314E, 330E, 333E, 334...

CVE-2021-22816

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a Denial of Service of the RTU when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server. Affected Products: SCADAPack 312E, 313E, 314E, 330E, 333E, 334...

CVE-2021-22816

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a Denial of Service of the RTU when receiving a specially crafted request over Modbus, and the RTU is configured as a Modbus server. Affected Products: SCADAPack 312E, 313E, 314E, 330E, 333E, 334...

CVE-2021-22816

The CVE-2021-22816 issue affects Schneider Electric SCADAPack RTUs (models 312E, 313E, 314E, 330E, 333E, 334E, 337E, 350E, 357E) running firmware 8.18.1 and earlier. The root cause is an improper check for unusual or exceptional conditions (CWE-754) that can lead to a Denial of Service when the R...

SCADAPack 代码问题漏洞

SCADAPack is a Schneider-electric intelligent field controller that combines the monitoring and communication capabilities of a Remote Terminal Unit RTU with the processing and data logging capabilities of a Programmable Logic Controller PLC to provide superior functionality for remote processes...