Schneider Electric Web Server on Modicon M340 Out-of-Bounds Read (CVE-2020-7562)

A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules see notification for details which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file ...

Schneider Electric Web Server on Modicon M340 Out-of-Bounds Write (CVE-2020-7563)

A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules see notification for details which could cause corruption of data, a crash, or code execution when uploading a specially crafted...

Schneider Electric UnityPro PLC simulator remote code execution vulnerability

Summary An exploitable remote code execution vulnerability exists in the UMAS strategy programming functionality of the Schneider Electric Unity Pro L Programming Software PLC Simulator. A specially crafted sequence of UMAS commands sent to the software’s PLC simulator can cause a modified strate...

Schneider Electric Modicon M580 UnityPro reliance on untrusted inputs vulnerability

Summary An exploitable reliance on untrusted inputs vulnerability exists in the strategy transfer function of the Schneider Electric Unity Pro L Programming Software. When a specially crafted strategy is programmed to a Modicon M580 Programmable Automation Controller, and UnityProL is used to rea...

Modicon Modbus/TCP UnityPro Programming Function Code Access

Binary data scadamodbusmodiconproject.nbin...