8 matches found
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
The vulnerability of the Modbus protocol implementation in Schneider Electric’s programmable logic controllers (PLCs), such as the Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU, allows a attacker to execute a “man-in-the-middle” attack.
The vulnerability of the Modbus protocol implementation in Schneider Electric’s programmable logic controllers PLCs such as Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU lies in the execution of operations outside the buffer in memory. Exploiting th...
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
Design/Logic Flaw
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
PT-2023-1079 · Schneider Electric · Modicon M580 Cpu +7
Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert All Versions EcoStruxure Process Expert All Versions Modicon M340 CPU - part numbers BMXP34 All Versions Modicon M580 CPU - part numbers BMEP and BMEH All Versions Modicon M580 CPU Safety - part numbers BMEP58S and...
Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU (Update A)
1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert, Modicon M340 CPU, Modicon M580 CPU, Modicon Momentum Unity M1E Processor, Modicon MC80 Vulnerability: Authentication Bypass by...