Schneider Electric多款产品 安全漏洞

Schneider Electric Modicon M241, among others, are programmable logic controllers produced by Schneider Electric, a French company. Several products from Schneider Electric have security vulnerabilities. These vulnerabilities stem from improper resource closure or release procedures, which may...

Schneider Electric多款产品 跨站脚本漏洞

Schneider Electric Modicon M258 is a product of the French company Schneider Electric. Schneider Electric Modicon M258 is a programmable automation controller. Schneider Electric Modicon M241 is a programmable logic controller. Schneider Electric Modicon M251 is also a programmable logic...

CVE-2021-22699

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...

EUVD-2019-16374

Malware in sbrugna...

EUVD-2021-9834

Malicious code in bioql PyPI...

Schneider Electric Modicon Controllers Improper Neutralization of Input During Web Page Generation (CVE-2024-6528)

CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability exists that could cause a vulnerability leading to a cross-site scripting condition where attackers can have a victim's browser run arbitrary JavaScript when they visit a page containing the...

Schneider Electric Modicon Cleartext Transmission of Sensitive Information (CVE-2020-7488)

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers. This plugin only works with Tenable.ot. Please visit...

Schneider Electric Modicon Improper Input Validation (CVE-2021-22699)

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP. This plugin only works with Tenable.ot. Please visit...

Vulnerabilities fixed in Schneider Electric Modicon M241/M251

Schneider Electric has fixed vulnerabilities in the CODESYS web server and gateway components of Modicon M241 and M251 controllers. An unauthenticated remote malicious person could potentially exploit the vulnerabilities to cause a denial-of-service cause or execute arbitrary code with the...

CVE-2021-22699

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...

CVE-2021-22699

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...

Input validation

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...

CVE-2021-22699

CVE-2021-22699 affects Schneider Electric Modicon M241/M251 PLCs. The issue is an improper input validation in firmware prior to v5.1.9.1, which could cause a denial of service when specific crafted HTTP requests are received. Red Hat and Tenable references corroborate this description. Impact is...

CVE-2021-22699

Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP...

Schneider Electric 输入验证错误漏洞

An input validation error vulnerability exists in Schneider Electric that stems from an incorrect input validation vulnerability in the Modicon M241/M251 Logic Controller firmware prior to V5.1.9.1, which could result in a denial of service when an attacker sends a carefully crafted request to th...

CVE-2020-7487

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers...

CVE-2020-7488

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers...

Design/Logic Flaw

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers...

Design/Logic Flaw

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers...

CVE-2020-7488

The CVE-2020-7488 issue concerns a CWE-319 vulnerability (Cleartext Transmission of Sensitive Information) that could leak sensitive data transmitted between Schneider Electric’s Modicon controllers (M218, M241, M251, M258) and associated software. The root cause is insecure cleartext transmissio...