The vulnerability of the microprogrammed software of Schneider Electric Modicon programmable logic controllers, related to the lack of necessary checks during password changes, allows unauthorized access to the password-changing function of the web server.

The vulnerability of the microprogrammed logic controllers from Schneider Electric Modicon lies in the lack of necessary checks during password changes. Exploiting this vulnerability could allow unauthorized individuals to gain access to the password-changing function of the web server...

The vulnerability of microprogrammed logic controllers from Schneider Electric Modicon, related to insufficient protection of the web page structure, allows attackers to inject JavaScript that will be executed in the user’s browser.

The vulnerability of the microprogrammed logic controllers from Schneider Electric Modicon relates to insufficient protection of the web page structure. Exploiting this vulnerability allows an intruder to inject JavaScript, which will be executed in the user’s browser...

The vulnerability of Modicon microprogrammed control devices, related to insufficient verification of input data, allows attackers to redirect users to malicious websites.

The vulnerability of Modicon controller microprogramming software is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to redirect users to a malicious website remotely...

The vulnerability of microprogrammed software in Schneider Electric’s Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 programmable logic controllers arises from an operation that escapes the buffer boundaries into memory, allowing a malicious actor to trigger a service failure.

The vulnerability of microprogrammed software in Schneider Electric’s Modicon Premium, Modicon Quantum, Modicon M340, and Modicon BMXNOR0200 programmable logic controllers arises from the execution of an operation outside the buffer boundaries in memory. Exploiting this vulnerability can allow a...

CVE-2018-7241

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules...

PT-2018-1294 · Schneider Electric · Modicon M340 +3

Name of the Vulnerable Software and Affected Versions: Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers affected versions not specified Description: The issue is related to hard-coded accounts in the communication modules of the affected controllers...

Multiple Schneider Electric Modicon Product TCP Initial Serial Number Prediction Vulnerabilities

Schneider-Electric Modicon M251 and others are programmable controller products of Schneider Electric France. A security vulnerability exists in a number of Schneider Electric Modicon products, which arises from a program's failure to generate a sufficient number of random TCP initial serial...

Multiple Schneider Electric Modicon Product Session Fixation Vulnerabilities

Schneider-Electric Modicon M251 and others are programmable controller products of Schneider Electric France. A security vulnerability exists in multiple Schneider Electric Modicon products. An attacker could exploit the vulnerability to take control of the current session...

PT-2017-3707 · Schneider Electric · Modicon M340 +3

Name of the Vulnerable Software and Affected Versions: Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers affected versions not specified Description: The issue concerns a vulnerable hash algorithm used for password encryption in the communication...