Lucene search
K

13 matches found

CISA
CISA
added 2025/04/17 12:0 p.m.3 views

CISA Releases Six Industrial Control Systems Advisories

CISA released six Industrial Control Systems ICS advisories on April 17, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-107-01 Schneider Electric Trio Q Licensed Data Radio ICSA-25-107-02 Schneider Electric...

7AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/02/05 10:26 p.m.16 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS7.5AI score0.01163EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/12/09 12:0 a.m.6 views

The vulnerability of microprogrammed software for Schneider Electric Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU lies in the lack of checks for the integrity of messages during transmission over communication channels. This allows attackers to disclose sensitive information or cause malfunctions in the system.

The vulnerability of microprogrammed logic controllers PLCs from Schneider Electric, such as the Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU, stems from the lack of checks for the integrity of messages during transmission over communication...

7.6CVSS5.5AI score0.00281EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/11/15 12:0 a.m.6 views

The vulnerability of the Modbus protocol implementation in Schneider Electric’s programmable logic controllers (PLCs), such as the Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU, allows a attacker to execute a “man-in-the-middle” attack.

The vulnerability of the Modbus protocol implementation in Schneider Electric’s programmable logic controllers PLCs such as Modicon M340 CPU BMXP34, Modicon MC80 BMKC80, and Modicon Momentum Unity M1E Processor 171CBU lies in the execution of operations outside the buffer in memory. Exploiting th...

8.1CVSS6.1AI score0.00573EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/03/09 12:0 a.m.36 views

Schneider Electric EcoStruxure Products, Modicon PLCs, and Programmable Automation Controllers Improper Check For Unusual or Exceptional Conditions (CVE-2022-45788)

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS9AI score0.01163EPSS
Exploits0References3
NVD
NVD
added 2023/01/30 1:15 p.m.30 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS8.9AI score0.01163EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/01/30 1:15 p.m.8 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

9.8CVSS7.7AI score0.01163EPSS
Exploits0References2
Prion
Prion
added 2023/01/30 1:15 p.m.21 views

Design/Logic Flaw

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

7.5CVSS9.5AI score0.01163EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/30 12:0 a.m.12 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

7.5CVSS9.6AI score0.01163EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/01/30 12:0 a.m.42 views

CVE-2022-45788

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert All...

7.5CVSS9.7AI score0.01163EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.4 views

PT-2023-1079 · Schneider Electric · Modicon M580 Cpu +7

Name of the Vulnerable Software and Affected Versions: EcoStruxure Control Expert All Versions EcoStruxure Process Expert All Versions Modicon M340 CPU - part numbers BMXP34 All Versions Modicon M580 CPU - part numbers BMEP and BMEH All Versions Modicon M580 CPU Safety - part numbers BMEP58S and...

9.8CVSS9.7AI score0.01163EPSS
Exploits0References10
ICS
ICS
added 2023/01/10 12:0 a.m.75 views

Schneider Electric EcoStruxure Control Expert, Process Expert, Modicon M340, M580 and M580 CPU (Update A)

1. EXECUTIVE SUMMARY CVSS v3 8.1 ATTENTION: Exploitable remotely Vendor: Schneider Electric Equipment: EcoStruxure Control Expert, EcoStruxure Process Expert, Modicon M340 CPU, Modicon M580 CPU, Modicon Momentum Unity M1E Processor, Modicon MC80 Vulnerability: Authentication Bypass by...

9.8CVSS7.5AI score0.01443EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2019/07/05 12:0 a.m.15 views

Schneider Electric Modicon Momentum Unity M1E 171CBU98091 processor

Binary data 764537.prm...

7.3AI score
Exploits0
Rows per page
Query Builder