Modicon M218 Firmware Security Vulnerabilities and Issues — Modicon M218 Firmware CVE List

Lucene search

Schneider-electricModicon M218 Firmware

5 matches found

CVE•added 2020/04/22 7:15 p.m.•53 views

CVE-2020-7487

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.

9.8CVSS9.5AI score0.00221EPSS

CVE•added 2020/06/16 8:15 p.m.•41 views

CVE-2020-7502

A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller.

7.5CVSS7.3AI score0.00349EPSS

CVE•added 2020/08/31 5:15 p.m.•39 views

CVE-2020-7524

Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4...

7.5CVSS7.4AI score0.00536EPSS

CVE•added 2022/02/11 6:15 p.m.•37 views

CVE-2021-22800

A CWE-20: Improper Input Validation vulnerability exists that could cause a Denial of Service when a crafted packet is sent to the controller over network port 1105/TCP. Affected Product: Modicon M218 Logic Controller (V5.1.0.6 and prior)

7.5CVSS7.4AI score0.00444EPSS

CVE•added 2020/04/22 7:15 p.m.•36 views

CVE-2020-7488

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists which could leak sensitive information transmitted between the software and the Modicon M218, M241, M251, and M258 controllers.

7.5CVSS7.3AI score0.00188EPSS