Schneider-electric 140cpu43412uc_firmware
7 CVEs affecting Schneider-electric 140cpu43412uc_firmware. Latest disclosed: 2018-04-18. Critical: 4, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-7761 | Critical | 9.8 | 2018-04-18 | A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbi… |
CVE-2018-7760 | Critical | 9.8 | 2018-04-18 | An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions… |
CVE-2018-7242 | Critical | 9.8 | 2018-04-18 | Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the com… |
CVE-2018-7241 | Critical | 9.8 | 2018-04-18 | Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communicati… |
CVE-2018-7240 | High | 8.8 | 2018-04-18 | A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP… |
CVE-2018-7762 | High | 7.5 | 2018-04-18 | A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 whic… |
CVE-2018-7759 | High | 7.5 | 2018-04-18 | A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerabilit… |