Modicon M340 Firmware Security Vulnerabilities and Issues — Modicon M340 Firmware CVE List

Lucene search

Schneider-electricModicon M340 Firmware

24 matches found

CVE•added 2020/01/06 11:15 p.m.•171 views

CVE-2018-7794

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service when reading data with invalid index using Modbus TCP.

7.5CVSS7.5AI score0.00389EPSS

CVE•added 2020/01/06 11:15 p.m.•154 views

CVE-2019-6857

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Modicon Quantum, Modicon Premium (see security notification for specific versions) which could cause a Denial of Service of the controller when reading specific memory blocks using Mo...

7.5CVSS7.5AI score0.00368EPSS

CVE•added 2020/01/06 11:15 p.m.•152 views

CVE-2019-6856

7.5CVSS7.3AI score0.00368EPSS

CVE•added 2019/09/17 8:15 p.m.•115 views

CVE-2019-6813

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in BMXNOR0200H Ethernet / Serial RTU module (all firmware versions) and Modicon M340 controller (all firmware versions), which could cause denial of service when truncated SNMP packets on port 161/UDP are received ...

7.8CVSS7.5AI score0.0051EPSS

CVE•added 2019/09/17 8:15 p.m.•114 views

CVE-2019-6829

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware version prior to V2.90) and Modicon M340 (firmware version prior to V3.10), which could cause a possible denial of service when writing to specific memory addresses in the controller over Modbus.

7.8CVSS7.3AI score0.00367EPSS

CVE•added 2019/09/17 8:15 p.m.•107 views

CVE-2019-6828

A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmware version prior to V2.90), Modicon M340 (firmware version prior to V3.10), Modicon Premium (all versions), and Modicon Quantum (all versions), which could cause a possible denial of service when reading specific coils and regis...

7.8CVSS7.3AI score0.00367EPSS

CVE•added 2019/09/17 8:15 p.m.•98 views

CVE-2019-6809

A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (firmware versions prior to V2.90), Modicon M340 (firmware versions prior to V3.10), Modicon Premium (all versions), Modicon Quantum (all versions), which could cause a possible denial of service when reading invalid data from the c...

7.8CVSS7.2AI score0.00552EPSS

CVE•added 2019/05/22 8:29 p.m.•81 views

CVE-2018-7845

A CWE-125: Out-of-bounds Read vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of unexpected data from the controller when reading specific memory blocks in the controller over Modbus.

7.5CVSS7.3AI score0.04366EPSS

CVE•added 2019/05/22 9:29 p.m.•72 views

CVE-2018-7844

A CWE-200: Information Exposure vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause the disclosure of SNMP information when reading memory blocks from the controller over Modbus.

7.5CVSS7.2AI score0.13834EPSS

CVE•added 2019/05/22 8:29 p.m.•69 views

CVE-2019-6819

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.8...

7.5CVSS7.4AI score0.00468EPSS

CVE•added 2019/05/22 9:29 p.m.•61 views

CVE-2019-6807

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of service when writing sensitive application variables to the controller over Modbus.

7.5CVSS7.2AI score0.00141EPSS

CVE•added 2019/10/29 7:15 p.m.•60 views

CVE-2019-6851

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information from the controller when using TFTP protocol.

7.5CVSS7.2AI score0.00443EPSS

CVE•added 2019/05/22 9:29 p.m.•58 views

CVE-2018-7854

A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a denial of Service when sending invalid debug parameters to the controller over Modbus.

7.5CVSS7.2AI score0.01912EPSS

CVE•added 2019/05/22 9:29 p.m.•58 views

CVE-2018-7855

A CWE-248 Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a Denial of Service when sending invalid breakpoint parameters to the controller over Modbus

7.5CVSS7.3AI score0.00591EPSS

CVE•added 2019/05/22 9:29 p.m.•58 views

CVE-2019-6806

7.5CVSS7.2AI score0.0034EPSS

CVE•added 2019/05/22 8:29 p.m.•57 views

CVE-2018-7843

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading memory blocks with an invalid data size or with an invalid data offset in the controller over Modbus.

7.5CVSS7.3AI score0.14763EPSS

CVE•added 2019/05/22 8:29 p.m.•57 views

CVE-2018-7849

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause a possible Denial of Service due to improper data integrity check when sending files the controller over Modbus.

7.5CVSS7.3AI score0.14763EPSS

CVE•added 2019/05/22 9:29 p.m.•56 views

CVE-2018-7853

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when reading invalid physical memory blocks in the controller over Modbus

7.5CVSS7.2AI score0.00494EPSS

CVE•added 2019/05/22 8:29 p.m.•55 views

CVE-2018-7848

7.5CVSS7.2AI score0.1323EPSS

CVE•added 2023/04/19 8:15 a.m.•54 views

CVE-2023-25619

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists thatcould cause denial of service of the controller when communicating over the Modbus TCPprotocol.

7.5CVSS7.5AI score0.00069EPSS

CVE•added 2019/05/22 9:29 p.m.•53 views

CVE-2018-7856

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible denial of Service when writing invalid memory blocks to the controller over Modbus.

7.5CVSS7.2AI score0.00494EPSS

CVE•added 2019/05/22 9:29 p.m.•53 views

CVE-2018-7857

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause a possible Denial of Service when writing out of bounds variables to the controller over Modbus.

7.5CVSS7.3AI score0.00494EPSS

CVE•added 2019/05/22 8:29 p.m.•52 views

CVE-2018-7852

A CWE-248: Uncaught Exception vulnerability exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum, and Modicon Premium which could cause denial of service when an invalid private command parameter is sent to the controller over Modbus.

7.5CVSS7.4AI score0.14763EPSS

CVE•added 2019/10/29 7:15 p.m.•52 views

CVE-2019-6845

A CWE-319: Cleartext Transmission of Sensitive Information vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions), which could cause the disclosure of information when transferring applications to the controller using Modbus TCP protocol.

7.5CVSS7.2AI score0.00205EPSS