Schneider-electric Modicon_m221_firmware
14 CVEs affecting Schneider-electric Modicon_m221_firmware. Latest disclosed: 2020-12-11. Critical: 3, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-7489 | Critical | 9.8 | 2020-04-22 | A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert… |
CVE-2018-7791 | Critical | 9.8 | 2018-08-29 | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware… |
CVE-2018-7790 | Critical | 9.8 | 2018-08-29 | An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). Th… |
CVE-2019-6820 | High | 8.2 | 2019-05-22 | A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network m… |
CVE-2018-7821 | High | 7.5 | 2019-05-22 | An Environment (CWE-2) vulnerability exists in SoMachine Basic, all versions, and Modicon M221(all references, all versions prior to firmware V1.10.0.0) which… |
CVE-2019-10953 | High | 7.5 | 2019-04-17 | ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable Logic Controllers, multiple versions. Researchers have found some controllers are suscep… |
CVE-2018-7792 | High | 7.5 | 2018-08-29 | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware… |
CVE-2018-7789 | High | 7.5 | 2018-08-29 | An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior t… |
CVE-2020-7566 | High | 7.3 | 2020-11-19 | A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encrypti… |
CVE-2020-7565 | High | 7.3 | 2020-11-19 | A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryp… |
CVE-2017-6030 | Medium | 6.5 | 2017-06-30 | A predictable value range from previous values issue was discovered in Schneider Electric Modicon PLCs Modicon M221, firmware versions prior to Version 1.5.0.0… |
CVE-2020-7567 | Medium | 5.7 | 2020-11-19 | A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the p… |
CVE-2020-28214 | Medium | 5.5 | 2020-12-11 | A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to p… |
CVE-2020-7568 | Medium | 4.3 | 2020-11-19 | A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non… |