Buffer overflow in Schneider-electric Modicon_m340_bmx_noc_0401
CVE-2020-7563
A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a…
Vulnerability class: Buffer Overflow
EPSS: 0.011 (60.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.
Affected products
- Schneider-electric Modicon_m340_bmx_noc_0401
- Schneider-electric Modicon_m340_bmx_noc_0401_firmware
- Schneider-electric Modicon_m340_bmx_noe_0100
- Schneider-electric Modicon_m340_bmx_noe_0100_firmware
- Schneider-electric Modicon_m340_bmx_noe_0100h
- Schneider-electric Modicon_m340_bmx_noe_0100h_firmware
- Schneider-electric Modicon_m340_bmx_noe_0110
- Schneider-electric Modicon_m340_bmx_noe_0110_firmware
- Schneider-electric Modicon_m340_bmx_noe_0110h
- Schneider-electric Modicon_m340_bmx_noe_0110h_firmware
Weakness classification (CWE)
References
- cybersecurity@se.com (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2020-7563?
- CVE-2020-7563 is a high-severity vulnerability in Schneider-electric Modicon_m340_bmx_noc_0401, classified under Out-of-bounds Write. CVSS score: 8.8/10. Published 2020-11-18.
- How severe is CVE-2020-7563?
- High severity. CVSS v3 base score is 8.8 out of 10.