28 matches found
EUVD-2019-16367
Malware in sbrugna...
EUVD-2019-16385
Malware in sbrugna...
EUVD-2019-16364
Malware in sbrugna...
The vulnerability of the microprogramming software of Schneider Electric’s programmable logic controller Modicon M340 and its network modules BMXNOE0100, BMXNOE0110, and BMXNOR0200H lies in the insufficient protection of operational data. This allows unauthorized access by intruders to read, modify, or delete data, or to cause malfunctions in the system.
The vulnerability of the microprogramming software of Schneider Electric’s Modicon M340 programmable logic controller, as well as the network modules BMXNOE0100, BMXNOE0110, and BMXNOR0200H, is related to insufficient protection for operational data. Exploiting this vulnerability can allow an...
CVE-2019-6810
CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol...
CVE-2019-6813
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions and Modicon M340 controller all firmware versions, which could cause denial of service when truncated SNMP packets on port 161/UDP are received by...
Schneider Electric Modicon M340 and BMXNOE0100/0110, BMXNOR0200H Exposure of Sensitive Information to an Unauthorized Actor (CVE-2024-12142)
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could cause information disclosure of restricted web page, modification of web page and denial of service when specific web pages are modified and restricted functions are invoked. This plugin only works...
Schneider Electric Modicon Ethernet Serial RTU Improper Check For Unusual or Exceptional Conditions (CVE-2019-6813)
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions and Modicon M340 controller all firmware versions, which could cause denial of service when truncated SNMP packets on port 161/UDP are received by...
CVE-2020-7534
CVE-2020-7534 is a CSRF vulnerability affecting Schneider Electric Modicon web servers. Affected products include M340 BMXP34, Quantum CPUs 140CPU65, Premium CPUs TSXP57, M340 ethernet modules BMXNOC0401/BMXNOE01/BMXNOR0200H, and Quantum/Premium factory cast modules 140NOE77111, 140NOC78*00, TSXE...
Design/Logic Flaw
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially...
CVE-2021-22749
CVE-2021-22749 affects Schneider Electric Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and earlier. A CWE-200 vulnerability allows an unauthenticated remote attacker to cause information disclosure by sending a crafted HTTP request to the module’s web server, leaking current RTU configuration and tele...
Schneider Electric Modicon M340 Code Issue Vulnerability
The Schneider Electric Modicon M340 is a mid-range PLC Programmable Logic Controller for industrial processes and infrastructure from Schneider Electric France. A security vulnerability exists in the Modicon that could be exploited by an attacker to cause a denial of service on the device. The...
Schneider Electric Modicon Ethernet Serial RTU
1. EXECUTIVE SUMMARY CVSS v3 8.6 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Schneider Electric Equipment: Modicon BMXNOR0200H Vulnerabilities: Improper Check for Unusual or Exceptional Conditions, Improper Access Control 2. RISK EVALUATION Successful exploitation of these...
Schneider Electric BMXNOR0200H Ethernet/Serial RTU Module Access Control Error Vulnerability
The Schneider Electric BMXNOR0200H Ethernet/Serial RTU module is an Ethernet Serial RTU Remote Terminal Unit module from Schneider Electric, France. An access control error vulnerability exists in the Schneider Electric BMXNOR0200H Ethernet/Serial RTU module. The vulnerability arises from the...
Schneider Electric BMXNOR0200H Ethernet/Serial RTU module Access Control Error Vulnerability
The Schneider Electric BMXNOR0200H Ethernet/Serial RTU module is an Ethernet Serial RTU Remote Terminal Unit module from Schneider Electric, France. An access control error vulnerability exists in the Schneider Electric BMXNOR0200H Ethernet/Serial RTU module. The vulnerability arises from the...
CVE-2019-6810
CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol...
Design/Logic Flaw
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause disconnection of active connections when an unusually high number of IEC 60870- 5-104 packets are received by the module on por...
Improper access control
CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions, which could cause the execution of commands by unauthorized users when using IEC 60870-5-104 protocol...
Design/Logic Flaw
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module all firmware versions and Modicon M340 controller all firmware versions, which could cause denial of service when truncated SNMP packets on port 161/UDP are received by...
CVE-2019-6813
The CVE-2019-6813 vulnerability affects Schneider Electric BMXNOR0200H Ethernet/Serial RTU modules and Modicon M340 controllers (all firmware versions). It is a CWE-754 improper check for unusual or exceptional conditions that could cause a denial of service when truncated SNMP packets are receiv...