17 matches found
Schneider Modicon M580/Quantum Communication Modules Out-of-bounds Write (CVE-2021-29999)
An issue was discovered in Wind River VxWorks through 6.8. There is a possible stack overflow in dhcp server. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...
Schneider Electric Modicon M340 Controller and Communication Modules Improper Input Validation (CVE-2025-6625)
CWE-20: Improper Input Validation vulnerability exists that could cause a Denial Of Service when specific crafted FTP command is sent to the device. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable...
CISA Releases Eleven Industrial Control Systems Advisories
CISA released eleven Industrial Control Systems ICS advisories on September 11, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-254-01 Siemens SIMOTION Tools ICSA-25-254-02 Siemens SIMATIC Virtualization as a...
Schneider Electric Modicon Controllers Externally Controlled Reference to a Resource in Another Sphere (CVE-2025-2875)
CWE-610: Externally Controlled Reference to a Resource in Another Sphere vulnerability exists that could cause a loss of confidentiality when an unauthenticated attacker manipulates controller's webserver URL to access resources. This plugin only works with Tenable.ot. Please visit...
CISA Releases Nine Industrial Control Systems Advisories
CISA released nine Industrial Control Systems ICS advisories on February 4, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-035-01 Western Telematic Inc NPS Series, DSM Series, CPM Series ICSA-25-035-02 Rockwe...
Schneider Modicon Remote START/STOP Command
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Remote START/STOP Command', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90 0x5a...
Schneider Modicon Quantum Password Recovery
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Quantum Password Recovery', 'Description' = %q The Schneider Modicon Quantum series of Ethernet cards store usernames and...
Schneider Modicon Ladder Logic Upload/Download
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Schneider Modicon Ladder Logic Upload/Download', 'Description' = %q The Schneider Modicon with Unity series of PLCs use Modbus function code 90...
Schneider Electric Modicon Controllers Improper Neutralization of Input During Web Page Generation (CVE-2024-6528)
CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause a vulnerability leading to a cross-site scripting condition where attackers can have a victim's browser run arbitrary JavaScript when they visit a page containing the...
The vulnerability of the programming software for PLCs (programmable logic controllers), EcoStruxure Control Expert, and the automation systems for technological processes, EcoStruxure Process Expert. This vulnerability relates to the lack of a password recovery mechanism, allowing attackers to gain read/write access via the Modbus protocol.
The vulnerabilities of the programming software for PLCs programmable logic controllers, the EcoStruxure Control Expert system for automating technological processes, and the micro-programming software for programmable logic controllers—such as Schneider Electric Modicon M340 and M580—are related...
Schneider Electric 输入验证错误漏洞
An input validation error vulnerability exists in Schneider Electric that stems from an incorrect input validation vulnerability in the Modicon M241/M251 Logic Controller firmware prior to V5.1.9.1, which could result in a denial of service when an attacker sends a carefully crafted request to th...
Multiple Schneider Electric Product Code Issue Vulnerabilities (CNVD-2020-02577)
The Schneider Electric Modicon M580 is a programmable automation controller.The Schneider Electric Modicon Premium is a large programmable logic controller PLC for discrete or process applications.The Schneider Electric Modicon Quantum is a large programmable logic controller PLC for process...
施耐德 Modicon M340 PLC Web登录验证栈溢出漏洞
No description provided by source...
Schneider Modicon M340 Device Default Credentials (HTTP)
The remote Schneider Modicon M340 device is using known default credentials. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Schneider Modicon Remote START/STOP Command
The Schneider Modicon with Unity series of PLCs use Modbus function code 90 0x5a to perform administrative commands without authentication. This module allows a remote user to change the state of the PLC between STOP and RUN, allowing an attacker to end process control by the PLC. This module is...
Schneider Modicon Ladder Logic Upload/Download
The Schneider Modicon with Unity series of PLCs use Modbus function code 90 0x5a to send and receive ladder logic. The protocol is unauthenticated, and allows a rogue host to retrieve the existing logic and to upload new logic. Two modes are supported: "SEND" and "RECV," which behave as one might...
Schneider Modicon Quantum Password Recovery
The Schneider Modicon Quantum series of Ethernet cards store usernames and passwords for the system in files that may be retrieved via backdoor access. This module is based on the original 'modiconpass.rb' Basecamp module from DigitalBond. This module requires Metasploit:...