A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with...
8.8CVSS
8.7AI Score
0.001EPSS
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists thatcould cause denial of service of the controller when a malicious project file is loaded onto thecontroller by an authenticated user.
6.5CVSS
6.4AI Score
0.001EPSS