11 matches found
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
CVE-2022-37301
A CWE-191: Integer Underflow Wrap or Wraparound vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU part numbers BMXP34V3.40 and prior, Modicon M580 CPU part numbers BME...
CVE-2021-22786
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU part numbers BMXP34 Versions prior to V3.30, Modicon M580 CPU par...
CVE-2021-22786
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU part numbers BMXP34 Versions prior to V3.30, Modicon M580 CPU par...
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
CVE-2022-45788
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...
PT-2023-1079 · Schneider Electric · Modicon M580 Cpu +7
Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert All Versions EcoStruxure Process Expert All Versions Modicon M340 CPU - part numbers BMXP34 All Versions Modicon M580 CPU - part numbers BMEP and BMEH All Versions Modicon M580 CPU Safety - part numbers BMEP58S and...
Schneider Electric Modicon Integer Underflow (CVE-2022-37301)
A CWE-191: Integer Underflow Wrap or Wraparound vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU part numbers BMXP34V3.40 and prior, Modicon M580 CPU part numbers BME...
PT-2022-4153 · Schneider Electric · Legacy Modicon Quantum +5
Name of the Vulnerable Software and Affected Versions: Modicon M340 CPU versions prior to V3.30 Modicon M580 CPU versions prior to SV3.20 Modicon MC80 versions prior to V1.6 Modicon M580 CPU Safety version all Modicon Momentum MDI versions prior to V2.3 Legacy Modicon Quantum version all...