A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC...
8.2CVSS
8.1AI Score
0.001EPSS
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-siteScripting') vulnerability exists that could cause a vulnerability leading to a cross-site scriptingcondition where attackers can have a victimβs browser run arbitrary JavaScript when they visit apage containing the inje...
6.1CVSS
5.5AI Score
0.0005EPSS