71 matches found
CVE-2021-22749
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially...
EUVD-2022-37708
Malicious code in bioql PyPI...
EUVD-2022-37711
Malicious code in bioql PyPI...
EUVD-2022-37709
Malicious code in bioql PyPI...
EUVD-2022-37707
Malicious code in bioql PyPI...
EUVD-2021-9884
Malicious code in bioql PyPI...
EUVD-2022-37713
Malicious code in bioql PyPI...
EUVD-2022-37712
Malicious code in bioql PyPI...
EUVD-2022-37710
Malicious code in bioql PyPI...
Schneider Electric Modicon X80 Exposure of Sensitive Information to an Unauthorized Actor (CVE-2021-22749)
A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon X80 BMXNOR0200H RTU SV1.70 IR22 and prior that could cause information leak concerning the current RTU configuration including communication parameters dedicated to telemetry, when a specially...
Schneider Electric Modicon Improper Privilege Management (CVE-2022-0222)
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUsBMXP34 versions prior to V3.40, Modicon M340 X80 Ethernet Communication...
Schneider Electric Modicon Path Traversal (CVE-2022-34762)
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 an...
Schneider Electric Modicon NULL Pointer Dereference (CVE-2022-34761)
A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior - A...
Schneider Electric Modicon Out-of-bounds Write (CVE-2022-34759)
A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prior - A...
Schneider Electric Modicon Insufficient Verification of Data Authenticity (CVE-2022-34763)
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V2.01 and later, OPC UA Modicon...
Schneider Electric Modicon Infinite Loop (CVE-2022-34760)
A CWE-835: Loop with Unreachable Exit Condition 'Infinite Loop' vulnerability exists that could cause a denial of service of the webserver due to improper handling of the cookies. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module...
Schneider Electric Modicon Improper Restriction of Operations within the Bounds of a Memory Buffer (CVE-2022-34764)
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module BMENOR2200H V1.0, OPC UA Modicon Communication Module BMENUA0100 V1.10 and prio...
The vulnerabilities of the microprogramming software for the OPC UA Modicon Communication Module (BMENUA0100) and the X80 advanced RTU Communication Module (BMENOR2200H) allow attackers to cause service interruptions.
The vulnerability of the microprogramming software for the OPC UA Modicon Communication Module BMENUA0100 and the X80 advanced RTU Communication Module BMENOR2200H is related to incorrect external control via name or file. Exploiting this vulnerability can allow an attacker to cause service...
The vulnerabilities of the microprogramming software for the OPC UA Modicon Communication Module (BMENUA0100) and the X80 advanced RTU Communication Module (BMENOR2200H) allow attackers to cause service interruptions.
The vulnerability of the microprogramming software for the OPC UA Modicon Communication Module BMENUA0100 and the X80 advanced RTU Communication Module BMENOR2200H is related to errors in cookie file processing. Exploiting this vulnerability can allow a remote attacker to cause service failures...
The vulnerabilities of the microprogramming software for the OPC UA Modicon Communication Module (BMENUA0100) and the X80 advanced RTU Communication Module (BMENOR2200H) allow attackers to load malicious software into the system.
The vulnerability of the microprogramming software for the OPC UA Modicon Communication Module BMENUA0100 and the X80 advanced RTU Communication Module BMENOR2200H is related to an incorrect limitation on the path name to the restricted access directory. Exploiting this vulnerability could allow ...