Modicon M241 Firmware Security Vulnerabilities and Issues — Modicon M241 Firmware CVE List

Lucene search

Schneider-electricModicon M241 Firmware

3 matches found

CVE•added 2017/06/30 3:29 a.m.•85 views

CVE-2017-6026

A Use of Insufficiently Random Values issue was discovered in Schneider Electric Modicon PLCs Modicon M241, firmware versions prior to Version 4.0.5.11, and Modicon M251, firmware versions prior to Version 4.0.5.11. The session numbers generated by the web application are lacking randomization and ...

9.1CVSS8.9AI score0.14763EPSS

CVE•added 2017/06/30 3:29 a.m.•68 views

CVE-2017-6028

An Insufficiently Protected Credentials issue was discovered in Schneider Electric Modicon PLCs Modicon M241, all firmware versions, and Modicon M251, all firmware versions. Log-in credentials are sent over the network with Base64 encoding leaving them susceptible to sniffing. Sniffed credentials c...

9.8CVSS9.3AI score0.0023EPSS

CVE•added 2020/04/22 7:15 p.m.•53 views

CVE-2020-7487

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists which could allow the attacker to execute malicious code on the Modicon M218, M241, M251, and M258 controllers.

9.8CVSS9.5AI score0.00221EPSS