3 matches found
CVE-2021-22786
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU part numbers BMXP34 Versions prior to V3.30, Modicon M580 CPU par...
CVE-2022-45789
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert All Versions, EcoStruxure Process Expert All Versions...
PT-2023-1236 · Schneider Electric · Ecostruxure Process Expert +4
Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert versions prior to V2020 EcoStruxure Process Expert versions prior to V2020 Modicon M340 CPU versions prior to the latest version Modicon M580 CPU versions prior to the latest version Modicon M580 CPU Safety versions...