Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:26 p.m.15 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS7.5AI score0.01163EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/09 12:0 a.m.5 views

The vulnerability of microprogrammed software for Schneider Electric Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU lies in the lack of checks for the integrity of messages during transmission over communication channels. This allows attackers to disclose sensitive information or cause malfunctions in the system.

The vulnerability of microprogrammed logic controllers PLCs from Schneider Electric, such as the Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU, stems from the lack of checks for the integrity of messages during transmission over communication...

7.6CVSS5.5AI score0.00281EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/03/09 12:0 a.m.34 views

Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2022-45788)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS9AI score0.01163EPSS
Exploits0References3
NVD
NVD
added 2023/01/30 1:15 p.m.30 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS8.9AI score0.01163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/01/30 1:15 p.m.6 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS7.7AI score0.01163EPSS
Exploits0References2
Prion
Prion
added 2023/01/30 1:15 p.m.21 views

Design/Logic Flaw

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

7.5CVSS9.5AI score0.01163EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/01/30 12:0 a.m.38 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

7.5CVSS9.7AI score0.01163EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.4 views

PT-2023-1079 · Schneider Electric · Modicon M580 Cpu +7

Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert All Versions EcoStruxure Process Expert All Versions Modicon M340 CPU - part numbers BMXP34 All Versions Modicon M580 CPU - part numbers BMEP and BMEH All Versions Modicon M580 CPU Safety - part numbers BMEP58S and...

9.8CVSS9.7AI score0.01163EPSS
Exploits0References10
ICS
ICS
added 2023/01/10 12:0 a.m.73 views

Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert, Modicon M340 CPU, Modicon M580 CPU, Modicon Momentum Unity M1E Processor, Modicon MC80 Vulnerability: Authentication Bypass by...

9.8CVSS7.5AI score0.01443EPSS
Exploits0References11
Rows per page
Query Builder