Schneider-electric Modicon_m340_bmxp342020

39 CVEs affecting Schneider-electric Modicon_m340_bmxp342020. Latest disclosed: 2024-02-14. Critical: 7, High: 21.

Top CVEs affecting Schneider-electric Modicon_m340_bmxp342020
CVESeverityScorePublishedSummary
CVE-2022-37300Critical9.82022-09-12A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the cont…
CVE-2020-7540Critical9.82020-12-11A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premi…
CVE-2018-7761Critical9.82018-04-18A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbi…
CVE-2018-7760Critical9.82018-04-18An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions…
CVE-2018-7242Critical9.82018-04-18Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the com…
CVE-2018-7241Critical9.82018-04-18Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communicati…
CVE-2021-22779Critical9.12021-07-14Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), Ec…
CVE-2020-7534High8.82022-02-04A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on…
CVE-2023-6408High8.12024-02-14 CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service an…
CVE-2022-45789High8.12023-01-31A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hija…
CVE-2021-22786High7.52023-02-01A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communi…
CVE-2022-45788High7.52023-01-30A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of c…
CVE-2022-0222High7.52022-11-22A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending…
CVE-2021-22788High7.52022-02-11A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web serve…
CVE-2021-22787High7.52022-02-11A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP reque…
CVE-2021-22785High7.52022-02-11A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker…
CVE-2021-22792High7.52021-09-02A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller a…
CVE-2020-7543High7.52020-12-11A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modico…
CVE-2020-7542High7.52020-12-11A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modico…
CVE-2020-7539High7.52020-12-11A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modico…