1659 matches found
CVE-2020-7537
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
Design/Logic Flaw
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
Design/Logic Flaw
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
Design/Logic Flaw
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
CVE-2020-7543
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
CVE-2020-7542
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
CVE-2020-7537
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium see security notifications for affected versions, that could cause denial of service when a specially crafted Read Physical Memo...
CVE-2020-7537
CVE-2020-7537 affects Schneider Electric Modicon M580, M340, and legacy Quantum/Premium controllers. The root cause is an improper check for unusual or exceptional conditions (CWE-754) that can allow a remote attacker to trigger denial of service by sending a specially crafted Read Physical Memor...
PT-2020-19620 · Schneider Electric · Modicon M580 +3
Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Legacy Controllers Modicon Premium affected versions not specified Description: A...
PT-2020-19621 · Schneider Electric · Modicon M580 +3
Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Legacy Controllers Modicon Premium affected versions not specified Description: A...
PT-2020-6372 · Schneider Electric · Modicon M580 +3
Name of the Vulnerable Software and Affected Versions: Modicon M580 affected versions not specified Modicon M340 affected versions not specified Legacy Controllers Modicon Quantum affected versions not specified Modicon Premium affected versions not specified Description: A vulnerability exists...
Schneider Electric EcoStruxure Control Expert PLC Simulator Modbus message processing remote code execution vulnerability
Summary A code execution vulnerability exists in the Modbus message-processing functionality of Schneider Electric EcoStruxure Control Expert PLC Simulator 14.1. A specially crafted network request can lead to remote code execution. An attacker can send a large Modbus request to trigger this...
The vulnerability of the Modbus terminal protocol implementation in the EKRA 200 microprocessor series allows a hacker to execute any Modbus command and alter the controller’s configuration, including modifying the control program and executing arbitrary code.
The vulnerability of the Modbus microprogramming software for ECUs exists due to the lack of authentication for any Modbus protocol commands. Exploiting this vulnerability allows a malicious actor to execute any Modbus command remotely and alter the controller’s configuration, including modifying...
Design/Logic Flaw
Out-of-bounds read vulnerability in GT21 model of GOT2000 series GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier, GS21 model of GOT series GS2110-WTBD V01.39.000...
Multiple Schneider Electric Product Security Feature Issue Vulnerabilities
Schneider Electric Acti9 Smartlink SI D is a smart interface unit that realizes data communication between Acti9 electrical devices and Modbus devices. Schneider Electric Acti9 Smartlink SI D is an intelligent interface unit that enables data communication between Acti9 electrical devices and...
Schneider Electric EcoStruxure Control Expert Command Execution Vulnerability
Schneider Electric EcoStruxure Control Expert is the universal programming, commissioning and operating software for the Modicon M340, M580, M580S, Premium, Momentum and Quantum series. A command execution vulnerability exists in Schneider Electric EcoStruxure Control Expert. The vulnerability...
Unspecified Vulnerability in Schneider Electric EcoStruxure Control Expert
EcoStruxure Control Expert is the universal programming, debugging and operating software for the Modicon M340, M580, M580S, Premium, Momentum and Quantum series. A security vulnerability exists in PLC Simulator in EcoStruxure Control Expert. The vulnerability can be exploited by an attacker to...
CVE-2020-7538
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in PLC Simulator on EcoStruxureª Control Expert now Unity Pro all versions that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request...
CVE-2020-7559
A CWE-120: Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability exists in PLC Simulator on EcoStruxureª Control Expert now Unity Pro all versions that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially...
CVE-2020-28212
A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert now Unity Pro all versions that could cause unauthorized command execution when a brute force attack is done over Modbus...