X80 Advanced Rtu Module Firmware@* Security Vulnerabilities and Issues — X80 Advanced Rtu Module Firmware@* CVE List

Lucene search

Schneider-electricX80 Advanced Rtu Module Firmware*

4 matches found

CVE•added 2022/07/13 9:15 p.m.•62 views

CVE-2022-34762

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause unauthorized firmware image loading when unsigned images are added to the firmware image path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01...

7.5CVSS7.4AI score0.00429EPSS

CVE•added 2022/07/13 9:15 p.m.•59 views

CVE-2022-34761

A CWE-476: NULL Pointer Dereference vulnerability exists that could cause a denial of service of the webserver when parsing JSON content type. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)

7.5CVSS7.4AI score0.00805EPSS

CVE•added 2022/07/13 9:15 p.m.•55 views

CVE-2022-34763

A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists that could cause loading of unauthorized firmware images due to improper verification of the firmware signature. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Co...

7.5CVSS7.4AI score0.00168EPSS

CVE•added 2022/07/13 9:15 p.m.•53 views

CVE-2022-34765

A CWE-73: External Control of File Name or Path vulnerability exists that could cause loading of unauthorized firmware images when user-controlled data is written to the file path. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V2.01 and later), OPC UA Modicon Communication...

5.5CVSS5.2AI score0.00274EPSS