Vulnerabilites related to schneider-electric - modicon_m340_bmxp342020
cve-2015-7937
Vulnerability from cvelistv5
Published
2015-12-21 11:00
Modified
2024-08-06 08:06
Severity ?
Summary
Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01x_refsource_MISC
http://www.securityfocus.com/bid/79622vdb-entry, x_refsource_BID
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T08:06:30.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01"
          },
          {
            "name": "79622",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/79622"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-12-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01"
        },
        {
          "name": "79622",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/79622"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2015-7937",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01"
            },
            {
              "name": "79622",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/79622"
            },
            {
              "name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01",
              "refsource": "CONFIRM",
              "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2015-7937",
    "datePublished": "2015-12-21T11:00:00",
    "dateReserved": "2015-10-22T00:00:00",
    "dateUpdated": "2024-08-06T08:06:30.903Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22786
Vulnerability from cvelistv5
Published
2023-02-01 00:00
Modified
2025-02-05 20:06
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf
Impacted products
Vendor Product Version
Schneider Electric Modicon M340 CPU (part numbers BMXP34*) Version: All   < V3.30
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU (part numbers BMEP* and BMEH*) Version: All   < V3.20
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon MC80 (BMKC80) Version: All   < V1.6
 Create a notification for this product.
   Schneider Electric Modicon Momentum CPU (171CBU*) Version: All   < V2.3
 Create a notification for this product.
   Schneider Electric Legacy Modicon Quantum Version: All Versions
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.574Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-22786",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T19:54:57.011597Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T20:06:44.280Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPU (part numbers BMXP34*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThan": "V3.30",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThan": "V3.20",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "product": "Modicon MC80 (BMKC80)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThan": "V1.6",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Modicon Momentum CPU (171CBU*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThan": "V2.3",
              "status": "affected",
              "version": "All",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Legacy Modicon Quantum",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        }
      ],
      "datePublic": "2022-08-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200 Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-02-01T00:00:00.000Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22786",
    "datePublished": "2023-02-01T00:00:00.000Z",
    "dateReserved": "2021-01-06T00:00:00.000Z",
    "dateUpdated": "2025-02-05T20:06:44.280Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7761
Vulnerability from cvelistv5
Published
2018-04-18 20:00
Modified
2024-08-05 06:37
Severity ?
Summary
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/x_refsource_CONFIRM
Impacted products
Vendor Product Version
Schneider Electric SE Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0202 Version: All Modicon M340, Premium, Quantum PLCs and BMXNOR0202
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:37:57.953Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0202",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0202"
            }
          ]
        }
      ],
      "datePublic": "2018-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability exists in the HTTP request parser in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Arbritrary Code Execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-18T19:57:01",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7761",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0202",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0202"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability exists in the HTTP request parser in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Arbritrary Code Execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7761",
    "datePublished": "2018-04-18T20:00:00",
    "dateReserved": "2018-03-08T00:00:00",
    "dateUpdated": "2024-08-05T06:37:57.953Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-0222
Vulnerability from cvelistv5
Published
2022-11-22 00:00
Modified
2024-08-02 23:18
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)
References
https://www.se.com/us/en/download/document/SEVD-2022-102-02/
Impacted products
Vendor Product Version
Schneider Electric Modicon M340 CPUs Version: BMXP34*   < V3.40
 Create a notification for this product.
   Schneider Electric Modicon M340 X80 Ethernet Communication modules: BMXNOE0100 (H) BMXNOE0110 (H) BMXNOR0200H RTU Version: BMXNOE* All Versions
Version: BMXNOR*   < v1.7 IR24
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:18:42.797Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.se.com/us/en/download/document/SEVD-2022-102-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPUs",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThan": "V3.40",
              "status": "affected",
              "version": "BMXP34*",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Modicon M340 X80 Ethernet Communication modules: BMXNOE0100 (H) BMXNOE0110 (H) BMXNOR0200H RTU",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "BMXNOE* All Versions"
            },
            {
              "lessThan": "v1.7 IR24 ",
              "status": "affected",
              "version": "BMXNOR*",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269 Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-22T00:00:00",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://www.se.com/us/en/download/document/SEVD-2022-102-02/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2022-0222",
    "datePublished": "2022-11-22T00:00:00",
    "dateReserved": "2022-01-13T00:00:00",
    "dateUpdated": "2024-08-02T23:18:42.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6819
Vulnerability from cvelistv5
Published
2019-05-22 19:45
Modified
2024-08-04 20:31
Severity ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium.
References
https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/x_refsource_MISC
http://www.securityfocus.com/bid/109004vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium Version: Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:31:04.277Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
          },
          {
            "name": "109004",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/109004"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-07-03T13:06:07",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
        },
        {
          "name": "109004",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/109004"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2019-6819",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon Controllers, Modicon M340 - firmware versions prior to V3.01 Modicon M580 - firmware versions prior to V2.80 All firmware versions of Modicon Quantum and Modicon Premium"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/",
              "refsource": "MISC",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
            },
            {
              "name": "109004",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/109004"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2019-6819",
    "datePublished": "2019-05-22T19:45:08",
    "dateReserved": "2019-01-25T00:00:00",
    "dateUpdated": "2024-08-04T20:31:04.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2019-6855
Vulnerability from cvelistv5
Published
2020-01-06 22:56
Modified
2024-08-04 20:31
Severity ?
Summary
Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers.
References
https://www.se.com/ww/en/download/document/SEVD-2019-344-02/x_refsource_MISC
Impacted products
Vendor Product Version
n/a EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10) Version: EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T20:31:04.396Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": " EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "CWE-863: Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-05-13T18:30:05",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2019-6855",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": " EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-863: Incorrect Authorization"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2019-6855",
    "datePublished": "2020-01-06T22:56:58",
    "dateReserved": "2019-01-25T00:00:00",
    "dateUpdated": "2024-08-04T20:31:04.396Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7851
Vulnerability from cvelistv5
Published
2019-05-22 19:56
Modified
2024-08-05 06:37
Severity ?
Summary
CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability.
References
https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M580 with firmware prior to V2.50 Modicon M340 with firmware prior to V3.01 BMxCRA312xx with firmware prior to V2.40 All firmware versions of Modicon Premium and 140CRA312xxx Version: Modicon M580 with firmware prior to V2.50 Modicon M340 with firmware prior to V3.01 BMxCRA312xx with firmware prior to V2.40 All firmware versions of Modicon Premium and 140CRA312xxx
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:37:59.635Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 with firmware prior to V2.50 Modicon M340 with firmware prior to V3.01 BMxCRA312xx with firmware prior to V2.40 All firmware versions of Modicon Premium and 140CRA312xxx",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 with firmware prior to V2.50 Modicon M340 with firmware prior to V3.01 BMxCRA312xx with firmware prior to V2.40 All firmware versions of Modicon Premium and 140CRA312xxx"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119: Buffer errors",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-22T19:56:24",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7851",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 with firmware prior to V2.50 Modicon M340 with firmware prior to V3.01 BMxCRA312xx with firmware prior to V2.40 All firmware versions of Modicon Premium and 140CRA312xxx",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 with firmware prior to V2.50 Modicon M340 with firmware prior to V3.01 BMxCRA312xx with firmware prior to V2.40 All firmware versions of Modicon Premium and 140CRA312xxx"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119: Buffer errors"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/",
              "refsource": "MISC",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7851",
    "datePublished": "2019-05-22T19:56:24",
    "dateReserved": "2018-03-08T00:00:00",
    "dateUpdated": "2024-08-05T06:37:59.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7549
Vulnerability from cvelistv5
Published
2020-12-11 00:52
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-06/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions) Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.948Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:52:26",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7549",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7549",
    "datePublished": "2020-12-11T00:52:26",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.948Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22788
Vulnerability from cvelistv5
Published
2022-02-11 17:40
Modified
2024-08-03 18:51
Severity ?
Summary
A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions) Version: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.437Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-11T17:40:33",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22788",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787: Out-of-bounds Write"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22788",
    "datePublished": "2022-02-11T17:40:33",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.437Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2014-0754
Vulnerability from cvelistv5
Published
2014-10-03 18:00
Modified
2024-08-06 09:27
Severity ?
Summary
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.
References
http://www.securityfocus.com/bid/70193vdb-entry, x_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01x_refsource_MISC
http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01&p_EnDocType=Software%20-%20Updates&p_File_Id=608959359&p_File_Name=SEVD-2014-260-01.pdfx_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T09:27:19.540Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "70193",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/70193"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01\u0026p_EnDocType=Software%20-%20Updates\u0026p_File_Id=608959359\u0026p_File_Name=SEVD-2014-260-01.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-05-14T17:57:00",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "name": "70193",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/70193"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01\u0026p_EnDocType=Software%20-%20Updates\u0026p_File_Id=608959359\u0026p_File_Name=SEVD-2014-260-01.pdf"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2014-0754",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "70193",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/70193"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01"
            },
            {
              "name": "http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01\u0026p_EnDocType=Software%20-%20Updates\u0026p_File_Id=608959359\u0026p_File_Name=SEVD-2014-260-01.pdf",
              "refsource": "CONFIRM",
              "url": "http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01\u0026p_EnDocType=Software%20-%20Updates\u0026p_File_Id=608959359\u0026p_File_Name=SEVD-2014-260-01.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2014-0754",
    "datePublished": "2014-10-03T18:00:00",
    "dateReserved": "2014-01-02T00:00:00",
    "dateUpdated": "2024-08-06T09:27:19.540Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7760
Vulnerability from cvelistv5
Published
2018-04-18 20:00
Modified
2024-08-05 06:37
Severity ?
Summary
An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization.
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/x_refsource_CONFIRM
Impacted products
Vendor Product Version
Schneider Electric SE Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0201 Version: All Modicon M340, Premium, Quantum PLCs and BMXNOR0201
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:37:59.111Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0201",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0201"
            }
          ]
        }
      ],
      "datePublic": "2018-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An authorization bypass vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Authorization Bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-18T19:57:01",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7760",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0201",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0201"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An authorization bypass vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Authorization Bypass"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7760",
    "datePublished": "2018-04-18T20:00:00",
    "dateReserved": "2018-03-08T00:00:00",
    "dateUpdated": "2024-08-05T06:37:59.111Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-37300
Vulnerability from cvelistv5
Published
2022-09-12 17:40
Modified
2024-08-03 10:29
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior).
References
https://www.se.com/us/en/download/document/SEVD-2022-221-01/x_refsource_MISC
Impacted products
Vendor Product Version
Schneider Electric EcoStruxure Control Expert Version: SP1   <
Create a notification for this product.
   Schneider Electric EcoStruxure Process Expert Version: V   <
Create a notification for this product.
   Schneider Electric Modicon M340 CPU Version: BMXP34   <
Create a notification for this product.
   Schneider Electric Modicon M580 CPU Version: BMEP   <
Version: BMEH   <
Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:29:20.628Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-01/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "EcoStruxure Control Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThanOrEqual": "15.0",
              "status": "affected",
              "version": "SP1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "EcoStruxure Process Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThanOrEqual": "2021",
              "status": "affected",
              "version": "V",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Modicon M340 CPU",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThanOrEqual": "3.40",
              "status": "affected",
              "version": "BMXP34",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Modicon M580 CPU",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThanOrEqual": "3.20",
              "status": "affected",
              "version": "BMEP",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "3.20",
              "status": "affected",
              "version": "BMEH",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-640",
              "description": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-12T17:40:10",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-01/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2022-37300",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EcoStruxure Control Expert",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "SP1",
                            "version_value": "15.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "EcoStruxure Process Expert",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "V",
                            "version_value": "2021"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Modicon M340 CPU",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "BMXP34",
                            "version_value": "3.40"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Modicon M580 CPU",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "BMEP",
                            "version_value": "3.20"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "BMEH",
                            "version_value": "3.20"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior)."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/us/en/download/document/SEVD-2022-221-01/",
              "refsource": "MISC",
              "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-01/"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2022-37300",
    "datePublished": "2022-09-12T17:40:10",
    "dateReserved": "2022-08-01T00:00:00",
    "dateUpdated": "2024-08-03T10:29:20.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22791
Vulnerability from cvelistv5
Published
2021-09-02 16:52
Modified
2024-08-03 18:51
Severity ?
Summary
A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions) Version: Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:52:51",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22791",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787: Out-of-bounds Write"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22791",
    "datePublished": "2021-09-02T16:52:51",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7539
Vulnerability from cvelistv5
Published
2020-12-11 00:51
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-03/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions) Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.565Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:51:57",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7539",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7539",
    "datePublished": "2020-12-11T00:51:57",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7241
Vulnerability from cvelistv5
Published
2018-04-18 20:00
Modified
2024-08-05 06:24
Severity ?
Summary
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/x_refsource_CONFIRM
http://www.securityfocus.com/bid/103542vdb-entry, x_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01x_refsource_MISC
Impacted products
Vendor Product Version
Schneider Electric SE Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 Version: All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:24:11.691Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
          },
          {
            "name": "103542",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103542"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
            }
          ]
        }
      ],
      "datePublic": "2018-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Hard-coded accounts",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-05T20:57:01",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
        },
        {
          "name": "103542",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103542"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7241",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Hard-coded accounts"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
            },
            {
              "name": "103542",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103542"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7241",
    "datePublished": "2018-04-18T20:00:00",
    "dateReserved": "2018-02-19T00:00:00",
    "dateUpdated": "2024-08-05T06:24:11.691Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22785
Vulnerability from cvelistv5
Published
2022-02-11 17:40
Modified
2024-08-03 18:51
Severity ?
Summary
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions) Version: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.422Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "CWE-200: Information Exposure",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-11T17:40:31",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22785",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-200: Information Exposure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22785",
    "datePublished": "2022-02-11T17:40:31",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.422Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22789
Vulnerability from cvelistv5
Published
2021-09-02 16:52
Modified
2024-08-03 18:51
Severity ?
Summary
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions) Version: Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.526Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:52:25",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22789",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22789",
    "datePublished": "2021-09-02T16:52:25",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7242
Vulnerability from cvelistv5
Published
2018-04-18 20:00
Modified
2024-08-05 06:24
Severity ?
Summary
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/x_refsource_CONFIRM
https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01x_refsource_MISC
http://www.securityfocus.com/bid/103543vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
Schneider Electric SE Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200 Version: All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:24:11.352Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
          },
          {
            "name": "103543",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/103543"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
            }
          ]
        }
      ],
      "datePublic": "2018-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Vulnerable Hash Algorithms",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-05T20:57:01",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
        },
        {
          "name": "103543",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/103543"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7242",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon Premium, Modicon Quantum, Modicon M340, BMXNOR0200",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All versions of communication modules for Modicon Premium, Quantum, M340 and BMXNOR0200"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Vulnerable Hash Algorithms"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
            },
            {
              "name": "103543",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/103543"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7242",
    "datePublished": "2018-04-18T20:00:00",
    "dateReserved": "2018-02-19T00:00:00",
    "dateUpdated": "2024-08-05T06:24:11.352Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7759
Vulnerability from cvelistv5
Published
2018-04-18 20:00
Modified
2024-08-05 06:37
Severity ?
Summary
A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/x_refsource_CONFIRM
Impacted products
Vendor Product Version
Schneider Electric SE Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0200 Version: All Modicon M340, Premium, Quantum PLCs and BMXNOR0200
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:37:57.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0200",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0200"
            }
          ]
        }
      ],
      "datePublic": "2018-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-18T19:57:01",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7759",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0200",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0200"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A buffer overflow vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7759",
    "datePublished": "2018-04-18T20:00:00",
    "dateReserved": "2018-03-08T00:00:00",
    "dateUpdated": "2024-08-05T06:37:57.979Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7542
Vulnerability from cvelistv5
Published
2020-12-11 00:52
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-08/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions) Version: Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.616Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:52:14",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7542",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7542",
    "datePublished": "2020-12-11T00:52:14",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7543
Vulnerability from cvelistv5
Published
2020-12-11 00:52
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-08/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions) Version: Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:52:21",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7543",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7543",
    "datePublished": "2020-12-11T00:52:21",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-45789
Vulnerability from cvelistv5
Published
2023-01-31 00:00
Modified
2025-02-05 20:07
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdf
Impacted products
Vendor Product Version
Schneider Electric EcoStruxure Control Expert Version: All Versions
 Create a notification for this product.
   Schneider Electric EcoStruxure Process Expert Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon M340 CPU (part numbers BMXP34*) Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU (part numbers BMEP* and BMEH*) Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) Version: All Versions
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:17:04.077Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-45789",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T19:52:21.864489Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T20:07:07.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Control Expert ",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Process Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M340 CPU (part numbers BMXP34*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)\u003c/p\u003e"
            }
          ],
          "value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-294",
              "description": "CWE-294: Authentication Bypass by Capture-Replay",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-09T13:48:11.112Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2022-45789",
    "datePublished": "2023-01-31T00:00:00.000Z",
    "dateReserved": "2022-11-22T00:00:00.000Z",
    "dateUpdated": "2025-02-05T20:07:07.568Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7540
Vulnerability from cvelistv5
Published
2020-12-11 00:52
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-04/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions) Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "CWE-306: Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:52:03",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7540",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-306: Missing Authentication for Critical Function"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7540",
    "datePublished": "2020-12-11T00:52:03",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7534
Vulnerability from cvelistv5
Published
2022-02-04 22:29
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) Version: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-352",
              "description": "CWE-352: Cross-Site Request Forgery (CSRF)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-04T22:29:36",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7534",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-352: Cross-Site Request Forgery (CSRF)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7534",
    "datePublished": "2022-02-04T22:29:36",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22787
Vulnerability from cvelistv5
Published
2022-02-11 17:40
Modified
2024-08-03 18:51
Severity ?
Summary
A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions) Version: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.470Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20: Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-11T17:40:32",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22787",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-20: Improper Input Validation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22787",
    "datePublished": "2022-02-11T17:40:32",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.470Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7537
Vulnerability from cvelistv5
Published
2020-12-11 00:51
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-08/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions) Version: Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.484Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:51:52",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7537",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7537",
    "datePublished": "2020-12-11T00:51:52",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.484Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2023-6408
Vulnerability from cvelistv5
Published
2024-02-14 16:52
Modified
2024-08-02 08:28
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack.
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-01.pdf
Impacted products
Vendor Product Version
Schneider Electric Modicon M340 CPU (part numbers BMXP34*) Version: Versions prior to sv3.60
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety) Version: Versions prior to sv4.20
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) Version: All Versions
 Create a notification for this product.
   Schneider Electric EcoStruxure Control Expert Version: Versions prior to v16.0
 Create a notification for this product.
   Schneider Electric EcoStruxure Process Expert Version: Versions prior to v2023
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "modicon_m580_bmep585040_firmware",
            "vendor": "schneider-electric",
            "versions": [
              {
                "lessThan": "4.20",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "modicon_m340_bmxp342030h_firmware",
            "vendor": "schneider-electric",
            "versions": [
              {
                "lessThan": "3.60",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:-:*:*:*:*:*:*:*",
              "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "modicon_m580_bmeh586040s_firmware",
            "vendor": "schneider-electric",
            "versions": [
              {
                "lessThan": "*",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6408",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-17T19:15:41.696437Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-17T19:36:47.656Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:28:21.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-044-01.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M340 CPU (part numbers BMXP34*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to sv3.60"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, excluding M580 CPU Safety)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to sv4.20"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Control Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to v16.0"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Process Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "Versions prior to v2023"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\nCWE-924: Improper Enforcement of Message Integrity During Transmission in a\nCommunication Channel vulnerability exists that could cause a denial of service and loss of\nconfidentiality, integrity of controllers when conducting a Man in the Middle attack.\n\n"
            }
          ],
          "value": "\nCWE-924: Improper Enforcement of Message Integrity During Transmission in a\nCommunication Channel vulnerability exists that could cause a denial of service and loss of\nconfidentiality, integrity of controllers when conducting a Man in the Middle attack.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-924",
              "description": "CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-14T16:52:24.805Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-044-01.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2023-6408",
    "datePublished": "2024-02-14T16:52:24.805Z",
    "dateReserved": "2023-11-30T09:52:30.945Z",
    "dateUpdated": "2024-08-02T08:28:21.776Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-6461
Vulnerability from cvelistv5
Published
2019-03-21 18:17
Modified
2024-08-06 07:22
Severity ?
Summary
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page.
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02x_refsource_MISC
Impacted products
Vendor Product Version
n/a Schneider Electric Modicon PLC Version: BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:22:21.501Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Schneider Electric Modicon PLC",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H."
            }
          ]
        }
      ],
      "datePublic": "2015-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-98",
              "description": "Remote file inclusion CWE-98",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-21T18:17:48",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2015-6461",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Schneider Electric Modicon PLC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Remote file inclusion CWE-98"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2015-6461",
    "datePublished": "2019-03-21T18:17:48",
    "dateReserved": "2015-08-17T00:00:00",
    "dateUpdated": "2024-08-06T07:22:21.501Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7541
Vulnerability from cvelistv5
Published
2020-12-11 00:52
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-03/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions) Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.936Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-425: Direct Request (\u0027Forced Browsing\u0027) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-425",
              "description": "CWE-425: Direct Request (\u0027Forced Browsing\u0027) vulnerability",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:52:09",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7541",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-425: Direct Request (\u0027Forced Browsing\u0027) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-425: Direct Request (\u0027Forced Browsing\u0027) vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7541",
    "datePublished": "2020-12-11T00:52:09",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.936Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-2763
Vulnerability from cvelistv5
Published
2013-04-04 10:00
Modified
2024-09-17 03:23
Severity ?
Summary
The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions.
References
http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdfx_refsource_MISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:44:33.585Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors.  NOTE: the vendor reportedly disputes this issue because it \"could not be duplicated\" and \"an attacker could not remotely exploit this observed behavior to deny PLC control functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-04-04T10:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-2763",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED ** The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors.  NOTE: the vendor reportedly disputes this issue because it \"could not be duplicated\" and \"an attacker could not remotely exploit this observed behavior to deny PLC control functions.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf",
              "refsource": "MISC",
              "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-2763",
    "datePublished": "2013-04-04T10:00:00Z",
    "dateReserved": "2013-04-04T00:00:00Z",
    "dateUpdated": "2024-09-17T03:23:58.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-7762
Vulnerability from cvelistv5
Published
2018-04-18 20:00
Modified
2024-08-05 06:37
Severity ?
Summary
A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.
References
https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/x_refsource_CONFIRM
Impacted products
Vendor Product Version
Schneider Electric SE Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0203 Version: All Modicon M340, Premium, Quantum PLCs and BMXNOR0203
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:37:58.095Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0203",
          "vendor": "Schneider Electric SE",
          "versions": [
            {
              "status": "affected",
              "version": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0203"
            }
          ]
        }
      ],
      "datePublic": "2018-03-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability exists in the web services to process SOAP requests in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Buffer overflow",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-04-18T19:57:01",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2018-7762",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340, Modicon Premium, Modicon Quantum, BMXNOR0203",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "All Modicon M340, Premium, Quantum PLCs and BMXNOR0203"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Schneider Electric SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A vulnerability exists in the web services to process SOAP requests in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2018-7762",
    "datePublished": "2018-04-18T20:00:00",
    "dateReserved": "2018-03-08T00:00:00",
    "dateUpdated": "2024-08-05T06:37:58.095Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7536
Vulnerability from cvelistv5
Published
2020-12-11 00:46
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP.
References
https://security.cse.iitk.ac.in/responsible-disclosurex_refsource_MISC
https://www.se.com/ww/en/download/document/SEVD-2020-343-07/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Modicon M340 CPUs (BMXP34* versions prior to V3.30) and Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4, BMXNOE0110 (H) versions prior to V6.6, and BMXNOR0200H all versions) Version: Modicon M340 CPUs (BMXP34* versions prior to V3.30) and Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4, BMXNOE0110 (H) versions prior to V6.6, and BMXNOR0200H all versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.463Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPUs (BMXP34* versions prior to V3.30) and Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4,  BMXNOE0110 (H) versions prior to V6.6, and BMXNOR0200H all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M340 CPUs (BMXP34* versions prior to V3.30) and Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4,  BMXNOE0110 (H) versions prior to V6.6, and BMXNOR0200H all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754: Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-14T12:56:47",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7536",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M340 CPUs (BMXP34* versions prior to V3.30) and Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4,  BMXNOE0110 (H) versions prior to V6.6, and BMXNOR0200H all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M340 CPUs (BMXP34* versions prior to V3.30) and Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4,  BMXNOE0110 (H) versions prior to V6.6, and BMXNOR0200H all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.cse.iitk.ac.in/responsible-disclosure",
              "refsource": "MISC",
              "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
            },
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7536",
    "datePublished": "2020-12-11T00:46:18",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.463Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2017-6017
Vulnerability from cvelistv5
Published
2017-06-30 02:35
Modified
2024-08-05 15:18
Severity ?
Summary
A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover.
References
https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/x_refsource_CONFIRM
http://www.securityfocus.com/bid/96414vdb-entry, x_refsource_BID
https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03x_refsource_MISC
Impacted products
Vendor Product Version
n/a Schneider Electric Modicon M340 PLC Version: Schneider Electric Modicon M340 PLC
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T15:18:49.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/"
          },
          {
            "name": "96414",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96414"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Schneider Electric Modicon M340 PLC",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Schneider Electric Modicon M340 PLC"
            }
          ]
        }
      ],
      "datePublic": "2017-06-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-12-24T15:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/"
        },
        {
          "name": "96414",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96414"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2017-6017",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Schneider Electric Modicon M340 PLC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Schneider Electric Modicon M340 PLC"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-400"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/",
              "refsource": "CONFIRM",
              "url": "https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/"
            },
            {
              "name": "96414",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/96414"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2017-6017",
    "datePublished": "2017-06-30T02:35:00",
    "dateReserved": "2017-02-16T00:00:00",
    "dateUpdated": "2024-08-05T15:18:49.611Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22779
Vulnerability from cvelistv5
Published
2021-07-14 14:26
Modified
2024-08-03 18:51
Severity ?
Summary
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller.
References
http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01x_refsource_MISC
Impacted products
Vendor Product Version
n/a EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*) Version: EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-290",
              "description": "CWE-290: Authentication Bypass by Spoofing",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-14T14:26:41",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22779",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-290: Authentication Bypass by Spoofing"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01",
              "refsource": "MISC",
              "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22779",
    "datePublished": "2021-07-14T14:26:41",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-45788
Vulnerability from cvelistv5
Published
2023-01-30 00:00
Modified
2025-02-05 20:07
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf
Impacted products
Vendor Product Version
Schneider Electric EcoStruxure Control Expert Version: All Versions
 Create a notification for this product.
   Schneider Electric EcoStruxure Process Expert Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon M340 CPU (part numbers BMXP34*) Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU (part numbers BMEP* and BMEH*) Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon Momentum Unity M1E Processor (171CBU*) Version: All Versions
 Create a notification for this product.
   Schneider Electric Modicon MC80 (BMKC80) Version: All Versions
 Create a notification for this product.
   Schneider Electric Legacy Modicon Quantum (140CPU65*) and Premium CPUs (TSXP57*) Version: All Versions
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:17:04.131Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-45788",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T19:52:24.602959Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T20:07:14.882Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Control Expert ",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Process Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M340 CPU (part numbers BMXP34*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon Momentum Unity M1E Processor (171CBU*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon MC80 (BMKC80)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Legacy Modicon Quantum (140CPU65*) and Premium CPUs (TSXP57*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026amp; integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\u003c/p\u003e"
            }
          ],
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026 integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-09T13:43:07.202Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2022-45788",
    "datePublished": "2023-01-30T00:00:00.000Z",
    "dateReserved": "2022-11-22T00:00:00.000Z",
    "dateUpdated": "2025-02-05T20:07:14.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2015-6462
Vulnerability from cvelistv5
Published
2019-03-21 18:44
Modified
2024-08-06 07:22
Severity ?
Summary
Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser.
References
https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02x_refsource_MISC
Impacted products
Vendor Product Version
n/a Schneider Electric Modicon PLC Version: BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T07:22:21.488Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Schneider Electric Modicon PLC",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H."
            }
          ]
        }
      ],
      "datePublic": "2015-09-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Cross-site scripting CWE-79",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-21T18:44:47",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2015-6462",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Schneider Electric Modicon PLC",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-site scripting CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2015-6462",
    "datePublished": "2019-03-21T18:44:47",
    "dateReserved": "2015-08-17T00:00:00",
    "dateUpdated": "2024-08-06T07:22:21.488Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22790
Vulnerability from cvelistv5
Published
2021-09-02 16:52
Modified
2024-08-03 18:51
Severity ?
Summary
A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions) Version: Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:52:39",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22790",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125: Out-of-bounds Read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22790",
    "datePublished": "2021-09-02T16:52:39",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7535
Vulnerability from cvelistv5
Published
2020-12-11 00:51
Modified
2024-08-04 09:33
Severity ?
Summary
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.
References
https://www.se.com/ww/en/download/document/SEVD-2020-343-05/x_refsource_CONFIRM
Impacted products
Vendor Product Version
n/a Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions) Version: Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.664Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-12-11T00:51:37",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7535",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/",
              "refsource": "CONFIRM",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7535",
    "datePublished": "2020-12-11T00:51:37",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.664Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22792
Vulnerability from cvelistv5
Published
2021-09-02 16:53
Modified
2024-08-03 18:51
Severity ?
Summary
A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07x_refsource_MISC
Impacted products
Vendor Product Version
n/a Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions) Version: Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:53:00",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22792",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-476: NULL Pointer Dereference"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22792",
    "datePublished": "2021-09-02T16:53:00",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2022-02-11 18:15
Modified
2024-11-21 05:50
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02Patch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric bmxnor0200h_rtu_firmware *
schneider-electric bmxnor0200h_rtu -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140noe771x1_firmware *
schneider-electric 140noe771x1 -
schneider-electric 140noc78x00_firmware *
schneider-electric 140noc78x00 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "866BFE7D-D688-40B1-B6E9-B140529001C3",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E00817A-E140-418F-93AB-A9B516F090A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F33A35-37ED-41AD-94A2-34FEA8E7259B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF0DA3B-F89B-487D-AAE6-AEA88E28055A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_rtu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9318D16-AA6D-4DE4-B812-D995B291E802",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h_rtu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D792EDB-A93E-495B-AF0A-486C9AC6BACA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe771x1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1468EBB2-8AD8-4886-B4A9-13D1F34EFD8B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe771x1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6EFD78F-DB37-4407-A91C-9D01FA9CAF2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78x00_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E80811-AE57-4B01-B3D5-4B346A9F3D8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78x00:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F4A72EA-E15A-4C31-B0F3-6B9EB48A09B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B16121-8DC3-4EA1-AC7B-D611A1C3C9A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "066E3E6C-8A0E-4360-A4ED-32A84B7647FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B418F6-DCED-40B9-8B35-DC50FD8EF6FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-200: Information Exposure vulnerability exists that could cause sensitive information of files located in the web root directory to leak when an attacker sends a HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
    },
    {
      "lang": "es",
      "value": "Una CWE-200: Se presenta una vulnerabilidad de Exposici\u00f3n de Informaci\u00f3n que podr\u00eda causar un filtrado de informaci\u00f3n confidencial de archivos ubicados en el directorio root de la web cuando un atacante env\u00eda una petici\u00f3n HTTP al servidor web del dispositivo. Producto afectado: CPUs Modicon M340: BMXP34 (Versiones anteriores a V3.40), M\u00f3dulos de Comunicaci\u00f3n Ethernet Modicon M340 X80: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (Todas las versiones), Procesadores Modicon Premium con Ethernet integrada (Copro): TSXP574634, TSXP575634, TSXP576634 (Todas las versiones), Procesadores Modicon Quantum con Ethernet integrado (Copro): 140CPU65xxxxx (Todas las versiones), M\u00f3dulos de comunicaci\u00f3n Modicon Quantum: 140NOE771x1, 140NOC78x00, 140NOC77101 (Todas las versiones), M\u00f3dulos de comunicaci\u00f3n Modicon Premium: TSXETY4103, TSXETY5103 (todas las versiones)"
    }
  ],
  "id": "CVE-2021-22785",
  "lastModified": "2024-11-21T05:50:39.760",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-02-11T18:15:08.947",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-01-31 06:15
Modified
2024-11-21 07:29
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdfPatch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric ecostruxure_control_expert *
schneider-electric ecostruxure_process_expert *
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp342010_firmware -
schneider-electric modicon_m340_bmxp342010 *
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware *
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware *
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware *
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware *
schneider-electric modicon_m340_bmxp342030h -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h_firmware *
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h_firmware *
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h_firmware *
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s_firmware *
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s_firmware *
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c_firmware *
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c_firmware *
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_m580_bmeh582040_firmware *
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c_firmware *
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s_firmware *
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040_firmware *
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c_firmware *
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s_firmware *
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040_firmware *
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c_firmware *
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s_firmware *
schneider-electric modicon_m580_bmeh586040s -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E8CCC1-A467-4FEF-964D-8481EAE892EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_process_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA266030-8BF1-4E8C-BBA0-EC80FBF254C6",
              "versionEndIncluding": "2020",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8152BD1B-DB69-4BD0-9DD3-79FC059319B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "104B7AFC-D948-4D3D-90D2-E963371F4392",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7B5B28-99F5-4A94-9D65-204943941047",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D82E3FB5-B40B-4688-86C9-840E17DD32DD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F582E2C-D562-44F6-823F-73DEFA3604EA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C747D719-51A2-44F5-B940-89D84437DA95",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EE8D065-BC68-4BE5-972E-2CC2CABA4B9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34CC8BAD-3D4F-4DAD-B8CE-09D0BF4A5E11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6A3F91-28AA-42EE-8C28-0B5E6D9ACA53",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C14A07B-E938-43A8-A2AA-65DBEF92AF47",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8522888D-3AE6-4199-9CC1-7866DFB467C9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49646E6C-381F-495B-A5E8-8F522571D4AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F472ED1-8FE6-43BC-A4FF-E956D17ED427",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1315A8-FDEE-487F-BA66-A99745783911",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F543A095-B798-4C5B-A2B6-DF893191EAC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71823B23-C4E6-40EC-AC9C-2EABFDAFE498",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BDD13AD-681C-4C7D-82D5-3017FB3BE852",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B782A209-0612-4CA1-8438-6653D75F452C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B3DF32-480E-4CE1-9396-B33CD5F63A22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA09FB51-0FDC-4457-8ED6-A963CAB97DF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9C82569-7D6C-4FD9-B5BB-2E9576FDFB0E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC98F7D-BDCC-4CF1-BA80-55EA68C5DDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7741EA-7955-4FC6-BE64-23EFBB0E3DC6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "252FA576-D00F-4BF2-871D-291D209B443C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2786E51E-B042-4DEF-98CE-C46F381D468C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9E6C74-FAEE-49D3-807B-7F8416C12725",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B182E938-6B50-4F3A-BAF6-AD2637E31E43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C610F17-FD8F-425E-A169-47EA7E6E8A0A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "355FFF2A-2B69-4340-AC49-257C0DC63B70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "777E63F4-CC75-4D68-98CC-896C58EBDD5A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF0ACFD6-D1EE-4C25-A307-2E3FB67F4A20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB46DD56-7A06-428C-97CB-E01C22BC8214",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29482B31-563A-4931-B11E-FDE86F87F25E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D261663-D224-4C92-A3F4-3509CAA78A36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6737F3-F881-4BDC-A4F4-F6F08B88EC1E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEBCF494-DC4C-4567-A5C8-2C8D93BAF289",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions)\n\n"
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad CWE-294: Omisi\u00f3n de autenticaci\u00f3n mediante captura-reproducci\u00f3n que podr\u00eda provocar la ejecuci\u00f3n de funciones Modbus no autorizadas en el controlador al secuestrar una sesi\u00f3n Modbus autenticada. Productos afectados: EcoStruxure Control Expert (todas las versiones), EcoStruxure Process Expert (todas las versiones), CPU Modicon M340 - n\u00fameros de pieza BMXP34* (todas las versiones), CPU Modicon M580 - n\u00fameros de pieza BMEP* y BMEH* (todas las versiones), Modicon M580 Seguridad de la CPU: n\u00fameros de pieza BMEP58*S y BMEH58*S (todas las versiones)"
    }
  ],
  "id": "CVE-2022-45789",
  "lastModified": "2024-11-21T07:29:43.287",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-31T06:15:07.920",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-06\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-06_Modicon_Controllers_Security_Notification.pdf"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-294"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-11-22 13:15
Modified
2024-11-21 06:38
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)
References
cybersecurity@se.comhttps://www.se.com/us/en/download/document/SEVD-2022-102-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/us/en/download/document/SEVD-2022-102-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp342010_firmware *
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware *
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware *
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware *
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware *
schneider-electric modicon_m340_bmxp342030h -
schneider-electric modicon_m340_bmxnoe0100_firmware -
schneider-electric modicon_m340_bmxnoe0100 -
schneider-electric modicon_m340_bmxnoe0110_firmware -
schneider-electric modicon_m340_bmxnoe0110 -
schneider-electric modicon_m340_bmxnoe0110h_firmware -
schneider-electric modicon_m340_bmxnoe0110h -
schneider-electric modicon_m340_bmxnor0200h_firmware -
schneider-electric modicon_m340_bmxnor0200h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB94CE0B-D2AE-4AD5-9BB3-FF73F3F081F0",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E4C660-7603-47D4-A0E4-D8755B1C84CC",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594267D-0107-4E43-A783-7C557779E944",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C75AF4-DB31-491B-8635-E7E0E3614476",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6360DC2-1801-412F-867A-D8C62BC0E2A4",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C34A2C5B-731C-4809-9FE8-3D897AD9A3F8",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "708E8DA4-1D49-4B68-A626-8E936C054B33",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "769B8B46-3965-43C0-8049-A6D786E82FAB",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEB5579A-5AB3-40CD-9C22-96207696BB32",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFFEE13B-685A-4590-839D-A32A98D4C012",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF09AE3B-C3D4-4519-9F79-0516C738EDB2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7CAD05-06C7-4B77-9466-1581ACAD4416",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CCF6254-7166-430C-B969-96EB54C81330",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE2953A1-873B-4784-8353-6CD92FD2A558",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF9AB98-F2A7-4A74-9850-9B2C6F8CD17D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F2DDD4B-074E-4D36-8813-9B982D5C08BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D556F4-B7B8-4F75-973A-3192F880DA09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C597244C-325F-4F6F-84B4-193CD299B3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)"
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad CWE-269: Gesti\u00f3n de privilegios inadecuada que podr\u00eda provocar una Denegaci\u00f3n de Servicio (DoS) de la comunicaci\u00f3n Ethernet del controlador al enviar una solicitud espec\u00edfica a trav\u00e9s de SNMP. Productos afectados: CPU Modicon M340 (versiones BMXP34* anteriores a V3.40), m\u00f3dulos de comunicaci\u00f3n Ethernet Modicon M340 X80: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU (BMXNOE* todas las versiones) (versiones BMXNOR* anteriores a v1. 7IR24)"
    }
  ],
  "id": "CVE-2022-0222",
  "lastModified": "2024-11-21T06:38:10.500",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-22T13:15:10.113",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/us/en/download/document/SEVD-2022-102-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/us/en/download/document/SEVD-2022-102-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2013-04-04 11:58
Modified
2024-11-21 01:52
Severity ?
Summary
The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors. NOTE: the vendor reportedly disputes this issue because it "could not be duplicated" and "an attacker could not remotely exploit this observed behavior to deny PLC control functions.
References
cve@mitre.orghttp://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdfBroken Link, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdfBroken Link, Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmx_noc_0401_firmware -
schneider-electric modicon_m340_bmx_noc_0401 -
schneider-electric modicon_m340_bmx_noe_0100_firmware -
schneider-electric modicon_m340_bmx_noe_0100 -
schneider-electric modicon_m340_bmx_noe_0100h_firmware -
schneider-electric modicon_m340_bmx_noe_0100h -
schneider-electric modicon_m340_bmx_noe_0110_firmware -
schneider-electric modicon_m340_bmx_noe_0110 -
schneider-electric modicon_m340_bmx_noe_0110h_firmware -
schneider-electric modicon_m340_bmx_noe_0110h -
schneider-electric modicon_m340_bmx_nor_0200h_firmware -
schneider-electric modicon_m340_bmx_nor_0200h -
schneider-electric modicon_m340_bmx_p34-2010_firmware -
schneider-electric modicon_m340_bmx_p34-2010 -
schneider-electric modicon_m340_bmx_p34-2030_firmware -
schneider-electric modicon_m340_bmx_p34-2030 -
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342010_firmware -
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342030_firmware -
schneider-electric modicon_m340_bmxp342030 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noc_0401_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF0237AC-0BF8-4BE9-8AFD-F900F730B0E0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noc_0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B8A86F-B257-49D9-AB43-3B9A28B543BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FA9D4F5-5F56-4D46-B816-F7D13697740C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A486F8-6C88-43FA-B3BB-CE4AAFE9F5D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6947E72-D5DC-4265-A114-43B3CEFC1F70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BDFEB0-C3B6-4329-A663-7EAA9124249F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8DD48D3-E70C-4DF8-B4D2-F04EA18A801E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE415EC8-0F4B-4B21-8D10-91AFAA6DA4A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "378FF7F3-5538-4154-9D41-88FF388C4A97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4688DE1-369B-4726-8492-3FB65C682646",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_nor_0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1B3163A-E683-40CD-82C7-C62D142B3267",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_nor_0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F283DEA-90D9-4EA5-9A1E-E62BE704D620",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EF4BCCF-BF21-48E3-BC39-C99578AC8993",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76270E2-D48F-4149-9A97-76F3C5749723",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CBCA11D-CC49-4457-BD56-7EF139FB42B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA6EC11-5E37-4534-908F-D3424AE01C79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7B5B28-99F5-4A94-9D65-204943941047",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90674B8F-C4BD-46AF-A86D-A01531074FB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [
    {
      "sourceIdentifier": "cve@mitre.org",
      "tags": [
        "disputed"
      ]
    }
  ],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Schneider Electric M340 PLC modules allow remote attackers to cause a denial of service (resource consumption) via unspecified vectors.  NOTE: the vendor reportedly disputes this issue because it \"could not be duplicated\" and \"an attacker could not remotely exploit this observed behavior to deny PLC control functions."
    },
    {
      "lang": "es",
      "value": "** EN DISPUTA ** Los modulos Schneider Electric M340 PLC permite a atacantes remotos causar una denegaci\u00f3n de servicios (consumo de recursos) a trav\u00e9s de vectores no especificados. NOTA: El vendedor reporta disputas en este fallo ya que \"no puede ser replicado\" y \"un atacante no puede explotar remotamente este fallo en las funciones de control del PLC\".\r\n"
    }
  ],
  "id": "CVE-2013-2763",
  "lastModified": "2024-11-21T01:52:19.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-04-04T11:58:49.867",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://ics-cert.us-cert.gov/pdf/ICSA-13-077-01A.pdf"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-01-30 13:15
Modified
2024-11-21 07:29
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdfPatch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric ecostruxure_control_expert *
schneider-electric ecostruxure_process_expert *
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp342010_firmware -
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp3420102_firmware -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware -
schneider-electric modicon_m340_bmxp342030h -
schneider-electric modicon_m580_bmeh582040_firmware -
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c_firmware -
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s_firmware -
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040_firmware -
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c_firmware -
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s_firmware -
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040_firmware -
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c_firmware -
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s_firmware -
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep581020_firmware -
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h_firmware -
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020_firmware -
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h_firmware -
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040_firmware -
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h_firmware -
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s_firmware -
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020_firmware -
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware -
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020_firmware -
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040_firmware -
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s_firmware -
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040_firmware -
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c_firmware -
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040_firmware -
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c_firmware -
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_momentum_171cbu78090_firmware -
schneider-electric modicon_momentum_171cbu78090 -
schneider-electric modicon_momentum_171cbu98090_firmware -
schneider-electric modicon_momentum_171cbu98090 -
schneider-electric modicon_momentum_171cbu98091_firmware -
schneider-electric modicon_momentum_171cbu98091 -
schneider-electric modicon_mc80_bmkc8020301_firmware -
schneider-electric modicon_mc80_bmkc8020301 -
schneider-electric modicon_mc80_bmkc8020310_firmware -
schneider-electric modicon_mc80_bmkc8020310 -
schneider-electric modicon_mc80_bmkc8030311_firmware -
schneider-electric modicon_mc80_bmkc8030311 -
schneider-electric modicon_quantum_140cpu65150_firmware -
schneider-electric modicon_quantum_140cpu65150 -
schneider-electric modicon_quantum_140cpu65150c_firmware -
schneider-electric modicon_quantum_140cpu65150c -
schneider-electric modicon_quantum_140cpu65160_firmware -
schneider-electric modicon_quantum_140cpu65160 -
schneider-electric modicon_quantum_140cpu65160c_firmware -
schneider-electric modicon_quantum_140cpu65160c -
schneider-electric modicon_premium_tsxp57_1634m_firmware -
schneider-electric modicon_premium_tsxp57_1634m -
schneider-electric modicon_premium_tsxp57_2634m_firmware -
schneider-electric modicon_premium_tsxp57_2634m -
schneider-electric modicon_premium_tsxp57_2834m_firmware -
schneider-electric modicon_premium_tsxp57_2834m -
schneider-electric modicon_premium_tsxp57_454m_firmware -
schneider-electric modicon_premium_tsxp57_454m -
schneider-electric modicon_premium_tsxp57_4634m_firmware -
schneider-electric modicon_premium_tsxp57_4634m -
schneider-electric modicon_premium_tsxp57_554m_firmware -
schneider-electric modicon_premium_tsxp57_554m -
schneider-electric modicon_premium_tsxp57_5634m_firmware -
schneider-electric modicon_premium_tsxp57_5634m -
schneider-electric modicon_premium_tsxp57_6634m_firmware -
schneider-electric modicon_premium_tsxp57_6634m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E8CCC1-A467-4FEF-964D-8481EAE892EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_process_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAB4A9EC-96A2-424D-A858-162E662EBEFB",
              "versionEndExcluding": "2021",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7B5B28-99F5-4A94-9D65-204943941047",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90674B8F-C4BD-46AF-A86D-A01531074FB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBDA1A8F-6AAF-4D09-9DB4-FACAB918963C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F86533A-406B-4910-B7D2-B378E8872756",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47004801-3437-4484-AD19-6CC304783744",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF50AC83-B422-4B6A-99B2-03A8DA8D191D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC42A466-5909-4D9B-B243-D86C7AFC0141",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F30A43E-77DB-4015-BCB9-8C491642C51D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B78759C-F64C-404D-B161-7A27721B9661",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C2EFD-1D6F-4229-B17D-E94F64E8AC35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC9304A-6730-41FA-86D8-900661D66A1F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59504A45-62E8-4C7B-AE03-2C0E8BBF1534",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7FFCF8C-AD13-4505-857A-D7948C83E509",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "355F55BE-861F-46B1-9B8F-B9081984E087",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8053B00-018B-4350-A51C-609F45BD158E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3497D351-5CF2-42DB-82E0-BCA418998EB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA3EED4-A7A9-4F7C-9B82-BCC21350DEC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4742CA0B-D062-4A75-AB60-4E11043F741D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44EA1CC-2DF4-496E-A892-E47E94861B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0CFF8FE-21DE-4F9F-9FEA-4EB5184C3353",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E33BBC-D1C1-482D-A4E3-093BED191EC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D1AD7B8-8F43-4B58-986E-ECBEFE514CC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31E97992-1012-4848-B3A5-54642B365B78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A80A200E-2DC9-4FE8-A685-22DC6F8333A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F2213C-CB04-4A45-BA1E-CD8FC89BB294",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D69E5723-590F-4CF6-8C13-9565EAB2522A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B17D236-B8E5-4340-94BB-0B68B6F76255",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B8A9E71-0828-4438-8531-D7C577C63BC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu78090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B26E867-5C0E-413E-B733-6865347C2140",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA5F1B5-FEC3-458B-B411-AC19E90E2973",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98091_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49247DB1-4B53-480B-B7BB-A0E37613E3D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020301_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83AFD695-E028-405A-B6CE-4AEAD55B676F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020310_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF5C51E-658E-497E-AF66-531C6337D8C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8030311_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2DF7857-E543-46E4-AFC3-585BEA9E5B21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF686D3D-B614-41D1-A023-3DA76B296601",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "520D0A9C-ACC9-4FDD-93F5-DD807BA3C4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BF8361-6FA9-46A1-93B3-3CC269935F50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8B77E0F-CC13-42B6-AF46-556FB02BA4CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_1634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D930A5-787A-48FD-BFA2-4D1BC70C9224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80937C5F-5962-46D3-8BA2-1650CAC6DC0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2834m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "695475B9-A4A4-4218-8D21-71797A0F1F10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B787E978-0842-4385-9ADD-6CA947A6F697",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_4634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1788D10E-11FB-4EF1-9B57-89A2EF3A4576",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C613326A-E313-4B3F-ADF7-128B3A904422",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_5634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC92C16-6212-4D20-B478-98D538C2FCCF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_6634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F0A61F-37A4-43C9-BC78-296C9AF08341",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026 integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\n\n"
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad CWE-754: Comprobaci\u00f3n inadecuada de condiciones inusuales o excepcionales que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario, denegaci\u00f3n de servicio y p\u00e9rdida de confidencialidad y seguridad. integridad cuando se carga un archivo de proyecto malicioso en el controlador. Productos afectados: EcoStruxure Control Expert (todas las versiones), EcoStruxure Process Expert (todas las versiones), CPU Modicon M340 - n\u00fameros de pieza BMXP34* (todas las versiones), CPU Modicon M580 - n\u00fameros de pieza BMEP* y BMEH* (todas las versiones), Modicon M580 Seguridad de la CPU: n\u00fameros de pieza BMEP58*S y BMEH58*S (todas las versiones), procesador Modicon Momentum Unity M1E - 171CBU* (todas las versiones), Modicon MC80 - BMKC80 (todas las versiones), Modicon Quantum heredado - 140CPU65* y CPU Premium - TSXP57 * (Todas las versiones)"
    }
  ],
  "id": "CVE-2022-45788",
  "lastModified": "2024-11-21T07:29:43.093",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-30T13:15:09.310",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-18 20:29
Modified
2024-11-21 04:11
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.
References
cybersecurity@se.comhttp://www.securityfocus.com/bid/103542Third Party Advisory, VDB Entry
cybersecurity@se.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-086-01Third Party Advisory, US Government Resource
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103542Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric bmxnor0200_firmware -
schneider-electric bmxnor0200 -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric 140cpu65150_firmware -
schneider-electric 140cpu65150 -
schneider-electric 140cpu31110_firmware -
schneider-electric 140cpu31110 -
schneider-electric 140cpu43412u_firmware -
schneider-electric 140cpu43412u -
schneider-electric 140cpu65160_firmware -
schneider-electric 140cpu65160 -
schneider-electric 140cpu65260_firmware -
schneider-electric 140cpu65260 -
schneider-electric 140cpu65860_firmware -
schneider-electric 140cpu65860 -
schneider-electric 140cpu65160s_firmware -
schneider-electric 140cpu65160s -
schneider-electric 140cpu65150c_firmware -
schneider-electric 140cpu65150c -
schneider-electric 140cpu31110c_firmware -
schneider-electric 140cpu31110c -
schneider-electric 140cpu43412uc_firmware -
schneider-electric 140cpu43412uc -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65260c_firmware -
schneider-electric 140cpu65260c -
schneider-electric 140cpu65860c_firmware -
schneider-electric 140cpu65860c -
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp341000h_firmware -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744m_firmware -
schneider-electric tsxh5744m -
schneider-electric tsxp57104m_firmware -
schneider-electric tsxp57104m -
schneider-electric tsxp57154m_firmware -
schneider-electric tsxp57154m -
schneider-electric tsxp571634m_firmware -
schneider-electric tsxp571634m -
schneider-electric tsxp57204m_firmware -
schneider-electric tsxp57204m -
schneider-electric tsxp57254m_firmware -
schneider-electric tsxp57254m -
schneider-electric tsxp572634m_firmware -
schneider-electric tsxp572634m -
schneider-electric tsxp57304m_firmware -
schneider-electric tsxp57304m -
schneider-electric tsxp57354m_firmware -
schneider-electric tsxp57354m -
schneider-electric tsxp573634m_firmware -
schneider-electric tsxp573634m -
schneider-electric tsxp57454m_firmware -
schneider-electric tsxp57454m -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxh5724mc_firmware -
schneider-electric tsxh5724mc -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57104mc_firmware -
schneider-electric tsxp57104mc -
schneider-electric tsxp57154mc_firmware -
schneider-electric tsxp57154mc -
schneider-electric tsxp571634mc_firmware -
schneider-electric tsxp571634mc -
schneider-electric tsxp57204mc_firmware -
schneider-electric tsxp57204mc -
schneider-electric tsxp57254mc_firmware -
schneider-electric tsxp57254mc -
schneider-electric tsxp572634mc_firmware -
schneider-electric tsxp572634mc -
schneider-electric tsxp57304mc_firmware -
schneider-electric tsxp57304mc -
schneider-electric tsxp57354mc_firmware -
schneider-electric tsxp57354mc -
schneider-electric tsxp573634mc_firmware -
schneider-electric tsxp573634mc -
schneider-electric tsxp57454mc_firmware -
schneider-electric tsxp57454mc -
schneider-electric tsxp574634mc_firmware -
schneider-electric tsxp574634mc -
schneider-electric tsxp57554mc_firmware -
schneider-electric tsxp57554mc -
schneider-electric tsxp575634mc_firmware -
schneider-electric tsxp575634mc -
schneider-electric tsxp576634mc_firmware -
schneider-electric tsxp576634mc -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57554m_firmware -
schneider-electric tsxp57554m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA48015-57C1-4371-8B9D-FFDEE461D227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF43229-1E2E-493A-B44F-DD2870559A93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7003BE27-3D26-46F9-BF51-5E026EA2AED6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37B3D0A-D1AA-494F-B26B-70BA8D1E8D6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F363F812-4BF2-450C-BC40-48A136746B9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B36E6DC-D407-4A3B-9ED3-1683EEE83299",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C8629-A8CF-4B8E-AB03-0425C30A40C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E092BBB-F315-4541-B8B2-BF9E1B75B041",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F2BE6-CF9E-48BB-B525-6B8F4C0B203E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECDF56E-7F6B-4048-AAAA-0D80C685F6D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "616C2139-6063-4BB1-84C0-AECDBB9EC86C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA5A94A-09A0-4606-8DAE-0CDE1A372483",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A2EB59-CCEE-4123-8344-764959B32C3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE31953-8AEA-45AB-81A1-BCE9AC78A48D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B887DA-75CD-465C-8B02-4DF1A063F3B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F9986A-4089-429E-BFD7-131C3BE98B9E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AC4E35-E020-4E54-B1F7-01F4A9D9DEC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE1F4A9-D2EA-4A5B-8F9A-EFD961D4F49D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "106C756F-1A0D-486F-BA83-F1F6D9D5661E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1472068B-ECE2-46F4-AC91-43F5AFCA8C52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E33E1CF-BD62-4638-AD44-30A19063FCD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0A5B21-421E-4E89-A408-D9B1639D0902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DE4493-EC66-4A65-ACF1-085FEE3E350B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6520258-C8F2-48B3-AB65-281F46ECC6D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3D6BEFC-72CD-44D8-957A-EC09429C5B01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DEC794-B68A-40DC-8F84-00CBEB8864DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BC8D38-1297-43F7-864F-693979F17BB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAC53A2-F2DA-41C5-9699-EC421B3143E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F1346D-8D14-498D-A692-C1A5A0EF9378",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3202C35B-3356-43FA-84C1-A2444665EA56",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6C1584-7ABD-427B-8321-1F5C8D3948A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B7568D-8C01-4268-BAB6-A4849BFD3FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62618355-F206-4112-95D0-4555377AB20F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "786D8BB6-FD4D-41FB-BECB-8E4A70DA2BB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE46047-D9AF-4720-A130-A0F989423F82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC7B128-2CCC-46BA-B3EC-BF4AD8A788C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14B9070-7919-40FE-AE5E-C56F88D87000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C65BC1-802C-4877-81C7-247D23CC5A9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09680CF4-5A88-4DEB-BD05-44BA24685098",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B26315A-DA7B-48DC-93D2-ED292095CDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D605BE-1CB9-4954-BF09-BA666E722BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6F4125-6D52-4788-B5BA-C4022C8079C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5030BD7-A01B-4069-800B-0A91F55D14E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00916712-0D0F-41FF-A977-95F98637FA27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "560A0D6E-6A0C-46E6-9216-C3369594B2FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F3A2B5D-BEE1-4504-8196-B29EB0CC5A9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D1C05A-AD02-43F1-B508-DC0ED0F269EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "403ABCAE-2F5F-4E3B-9DDF-2E8E554CC9B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "588F84BE-C0F5-4271-BE93-7EB721885390",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42C42113-3B11-4F71-8509-07758903AFEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E32B09-3874-4198-BA17-332811B313CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D4613F-7210-411C-B4D7-BC4EF5629686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D70CDDC-9CE8-4766-8251-B87C1BE5F693",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B5326F-97AF-45EC-8F47-A449718A6A0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60FE0FD-2283-460D-98D6-7FDAF370F951",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "612F0F44-8611-4F22-88E2-E085094418B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CBF69B-2CB1-4FD7-8004-BA76E1DD832C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF4C1F-1883-40F2-B966-0A282B26C503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5647F4AB-8D54-42F9-BFF3-5AA22D07E694",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93134D1F-3F9C-42CC-B050-2FE4A41ECEA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0A6EF5-9A76-4985-9411-44184BA51303",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBE84C1-A5B1-4E8B-9CE1-D3243D7FD228",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3B77B6-AAF8-456C-8B04-3623EB0E968E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88E0D7A-31DE-42E2-931A-E428B4515B2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD43A71-5615-4A3D-8AB9-F714827ADEE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD593582-806E-4C6D-B07A-CB31161AEFA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "827D5E75-1491-4485-B22B-E81AC90B923C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DE3518-2898-4D71-80ED-8C73FFE9E436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Hard coded accounts exist in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules."
    },
    {
      "lang": "es",
      "value": "Existen cuentas embebidas en los controladores Modicon Premium, Modicon Quantum, Modicon M340 y BMXNOR0200, de Schneider Electric, en todas las versiones de los m\u00f3dulos de comunicaci\u00f3n."
    }
  ],
  "id": "CVE-2018-7241",
  "lastModified": "2024-11-21T04:11:51.557",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-18T20:29:00.327",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103542"
    },
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
    },
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103542"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-798"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-08/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-08/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2208FD-0126-4ECF-97DF-89998EE90A5F",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB772761-8859-4AA5-ACAC-4A5859FCE0A9",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0DB061-8B7F-4FEC-9275-6FFE045DCE81",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAA3B4D9-7F47-4813-9784-EB7BF53A32DE",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7D852A-18A3-4AB8-B6AD-4B9815950CC4",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4325AE79-6FDA-47A7-B3A6-C47C5C2C510D",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6149E270-E76E-4011-A488-2571499A6C76",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AF74D66-DEF7-4A05-A6FC-15645BA8B8AB",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A4810AB-2986-4152-9E48-488959A15361",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum y Modicon Premium (consulte las notificaciones de seguridad para las versiones afectadas), que podr\u00eda causar una denegaci\u00f3n de servicio cuando una petici\u00f3n Read Physical Memory especialmente dise\u00f1ada a trav\u00e9s de Modbus es enviada hacia el controlador"
    }
  ],
  "id": "CVE-2020-7537",
  "lastModified": "2024-11-21T05:37:20.177",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.253",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-05/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-05/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric 140noe77101_firmware *
schneider-electric 140noe77101 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140cpu65160_firmware *
schneider-electric 140cpu65160 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric 140noc78100_firmware *
schneider-electric 140noc78100 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C045040-20CA-488D-A36D-A433754A33E8",
              "versionEndExcluding": "3.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A33A381-6772-4137-A677-5F73EA398FF6",
              "versionEndExcluding": "6.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "181826EC-4E4E-4EE2-A729-6823843E6CA8",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA60BB0-1725-45E7-9191-0D300EB05082",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC49273-1C5D-4E0E-B484-0269CDA4E655",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CD78FFA-3F5F-43DA-979D-42B0673C36D0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A62DEBF-6343-48BB-835C-64AE9D8F956A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11C9B98-3119-41CF-8320-447E7E00977E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1067FDEA-33BC-4AA9-AC5B-099BA757065B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B16121-8DC3-4EA1-AC7B-D611A1C3C9A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "066E3E6C-8A0E-4360-A4ED-32A84B7647FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B418F6-DCED-40B9-8B35-DC50FD8EF6FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027 Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP."
    },
    {
      "lang": "es",
      "value": "Una CWE-22: Se presenta una vulnerabilidad de Limitaci\u00f3n Inapropiada de un Nombre de Ruta a un Directorio Restringido (Tipo de Vulnerabilidad \"Path Traversal\") en el Servidor Web en Modicon M340, Legacy Offers Modicon Quantum y Modicon Premium y M\u00f3dulos de Comunicaci\u00f3n asociados (consulte la notificaci\u00f3n de seguridad para las versiones afectadas ), que podr\u00eda causar la divulgaci\u00f3n de informaci\u00f3n cuando se env\u00eda una petici\u00f3n especialmente dise\u00f1ada hacia el controlador a trav\u00e9s de HTTP"
    }
  ],
  "id": "CVE-2020-7535",
  "lastModified": "2024-11-21T05:37:19.907",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.127",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-05/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-03/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-03/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140noc78100_firmware *
schneider-electric 140noc78100 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BCDF059-40BF-4A32-9932-A7A744E6F295",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E001828-1A7D-4C8B-95FC-046652D3EF07",
              "versionEndExcluding": "6.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "887976CC-8244-4D86-9941-BA82BC1AB6C2",
              "versionEndExcluding": "2.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D112F4-50CB-4EFE-B0EA-43A732A22283",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDD6B6C-FF2A-4960-AFD6-9DF4B4F7FD5E",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB6318A-9AEF-4C9D-9678-05208026AC8A",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C280EA-9C52-47A9-AA1E-B0AA9C1F67F2",
              "versionEndExcluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C093ECB-B977-4346-9E0E-DC30DD762055",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F419FC54-72D9-488F-9B0F-C12CEA213089",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4570480E-3787-4263-AB51-8AD0B62969CB",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD74F63-7BA1-498F-977F-FCA90B5968AA",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1067FDEA-33BC-4AA9-AC5B-099BA757065B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD80E512-2D78-4375-8DBB-D12E5F0AF484",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA8F733-513D-458A-A1ED-849A3DE8F5FD",
              "versionEndExcluding": "1.08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en el Servidor Web en Modicon M340, Legacy Offers Modicon Quantum y Modicon Premium y M\u00f3dulos de Comunicaci\u00f3n asociados (consulte la notificaci\u00f3n de seguridad para las versiones afectadas), que podr\u00eda causar una vulnerabilidad de denegaci\u00f3n de servicio cuando un paquete especialmente dise\u00f1ado es enviado hacia el controlador a trav\u00e9s de HTTP"
    }
  ],
  "id": "CVE-2020-7539",
  "lastModified": "2024-11-21T05:37:20.433",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.313",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-07-14 15:15
Modified
2024-11-21 05:50
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller.
References
cybersecurity@se.comhttp://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric ecostruxure_control_expert *
schneider-electric ecostruxure_control_expert 15.0
schneider-electric ecostruxure_control_expert 15.0
schneider-electric ecostruxure_process_expert *
schneider-electric remoteconnect *
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h_firmware *
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h_firmware *
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h_firmware *
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s_firmware *
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s_firmware *
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c_firmware *
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c_firmware *
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_m580_bmeh582040_firmware *
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c_firmware *
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s_firmware *
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040_firmware *
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c_firmware *
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s_firmware *
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040_firmware *
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c_firmware *
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s_firmware *
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342010_firmware *
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342030_firmware *
schneider-electric modicon_m340_bmxp342030 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43140BF9-455B-4E3C-BF5E-BB9BBF9802D2",
              "versionEndExcluding": "15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "A9BF2D84-901E-4D34-941F-FFAB85B0E9D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:15.0:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "939C02B6-B5C5-4F87-8179-4AFFE13FCFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_process_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD97669F-93D5-42C4-BFC4-1993867F5911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:remoteconnect:*:*:*:*:*:*:scadapack_x70:*",
              "matchCriteriaId": "2D7E0B75-171E-4A73-B722-13473CE1B9D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49646E6C-381F-495B-A5E8-8F522571D4AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F472ED1-8FE6-43BC-A4FF-E956D17ED427",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F1315A8-FDEE-487F-BA66-A99745783911",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F543A095-B798-4C5B-A2B6-DF893191EAC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71823B23-C4E6-40EC-AC9C-2EABFDAFE498",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BDD13AD-681C-4C7D-82D5-3017FB3BE852",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B782A209-0612-4CA1-8438-6653D75F452C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B3DF32-480E-4CE1-9396-B33CD5F63A22",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA09FB51-0FDC-4457-8ED6-A963CAB97DF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9C82569-7D6C-4FD9-B5BB-2E9576FDFB0E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC98F7D-BDCC-4CF1-BA80-55EA68C5DDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB7741EA-7955-4FC6-BE64-23EFBB0E3DC6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "252FA576-D00F-4BF2-871D-291D209B443C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2786E51E-B042-4DEF-98CE-C46F381D468C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D9E6C74-FAEE-49D3-807B-7F8416C12725",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B182E938-6B50-4F3A-BAF6-AD2637E31E43",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C610F17-FD8F-425E-A169-47EA7E6E8A0A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "355FFF2A-2B69-4340-AC49-257C0DC63B70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "777E63F4-CC75-4D68-98CC-896C58EBDD5A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF0ACFD6-D1EE-4C25-A307-2E3FB67F4A20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB46DD56-7A06-428C-97CB-E01C22BC8214",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "29482B31-563A-4931-B11E-FDE86F87F25E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D261663-D224-4C92-A3F4-3509CAA78A36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C6737F3-F881-4BDC-A4F4-F6F08B88EC1E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEBCF494-DC4C-4567-A5C8-2C8D93BAF289",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8152BD1B-DB69-4BD0-9DD3-79FC059319B1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A4A2D03-6D4E-4ED9-A0CE-3DD681CB6E9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C747D719-51A2-44F5-B940-89D84437DA95",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "34CC8BAD-3D4F-4DAD-B8CE-09D0BF4A5E11",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH*), Modicon M340 CPU (all versions - part numbers BMXP34*), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller."
    },
    {
      "lang": "es",
      "value": "Se presenta una vulnerabilidad de Omisi\u00f3n de Autenticaci\u00f3n por Spoofing en EcoStruxure Control Expert (todas las versiones anteriores a V15.0 SP1, incluyendo todas las versiones de Unity Pro), EcoStruxure Control Expert versi\u00f3n V15.0 SP1, EcoStruxure Process Expert (todas las versiones, incluyendo todas las versiones de EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (todas las versiones), Modicon M580 CPU (todas las versiones - n\u00fameros de parte BMEP* y BMEH*), Modicon M340 CPU (todas las versiones - n\u00fameros de parte BMXP34*), que podr\u00eda causar un acceso no autorizado en modo de lectura y escritura al controlador mediante el spoofing de la comunicaci\u00f3n Modbus entre el software de ingenier\u00eda y el controlador"
    }
  ],
  "id": "CVE-2021-22779",
  "lastModified": "2024-11-21T05:50:38.990",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-07-14T15:15:08.240",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-194-01"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-290"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP.
References
cybersecurity@se.comhttps://security.cse.iitk.ac.in/responsible-disclosureVendor Advisory
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-07/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.cse.iitk.ac.in/responsible-disclosureVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-07/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric bmxnor0200h_firmware *
schneider-electric bmxnor0200h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C045040-20CA-488D-A36D-A433754A33E8",
              "versionEndExcluding": "3.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A33A381-6772-4137-A677-5F73EA398FF6",
              "versionEndExcluding": "6.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AECF5778-C5F5-4789-BD3D-793B35DDDBDF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M340 CPUs (BMXP34* versiones anteriores a V3.30) M\u00f3dulos Modicon M340 Communication Ethernet (BMXNOE0100 (H) versiones anteriores a V3.4, BMXNOE0110 (H) versiones anteriores a V6.6, BMXNOR0200H todas las versiones), lo que podr\u00eda causar que el dispositivo no sea accesible cuando se modifican los par\u00e1metros de red a trav\u00e9s de SNMP"
    }
  ],
  "id": "CVE-2020-7536",
  "lastModified": "2024-11-21T05:37:20.047",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.190",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
    },
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.cse.iitk.ac.in/responsible-disclosure"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-07/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-18 20:29
Modified
2024-11-21 04:11
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks.
References
cybersecurity@se.comhttp://www.securityfocus.com/bid/103543Third Party Advisory, VDB Entry
cybersecurity@se.comhttps://ics-cert.us-cert.gov/advisories/ICSA-18-086-01Third Party Advisory, US Government Resource
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/103543Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric bmxnor0200_firmware -
schneider-electric bmxnor0200 -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric 140cpu65150_firmware -
schneider-electric 140cpu65150 -
schneider-electric 140cpu31110_firmware -
schneider-electric 140cpu31110 -
schneider-electric 140cpu43412u_firmware -
schneider-electric 140cpu43412u -
schneider-electric 140cpu65160_firmware -
schneider-electric 140cpu65160 -
schneider-electric 140cpu65260_firmware -
schneider-electric 140cpu65260 -
schneider-electric 140cpu65860_firmware -
schneider-electric 140cpu65860 -
schneider-electric 140cpu65160s_firmware -
schneider-electric 140cpu65160s -
schneider-electric 140cpu65150c_firmware -
schneider-electric 140cpu65150c -
schneider-electric 140cpu31110c_firmware -
schneider-electric 140cpu31110c -
schneider-electric 140cpu43412uc_firmware -
schneider-electric 140cpu43412uc -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65260c_firmware -
schneider-electric 140cpu65260c -
schneider-electric 140cpu65860c_firmware -
schneider-electric 140cpu65860c -
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp341000h_firmware -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744m_firmware -
schneider-electric tsxh5744m -
schneider-electric tsxp57104m_firmware -
schneider-electric tsxp57104m -
schneider-electric tsxp57154m_firmware -
schneider-electric tsxp57154m -
schneider-electric tsxp571634m_firmware -
schneider-electric tsxp571634m -
schneider-electric tsxp57204m_firmware -
schneider-electric tsxp57204m -
schneider-electric tsxp57254m_firmware -
schneider-electric tsxp57254m -
schneider-electric tsxp572634m_firmware -
schneider-electric tsxp572634m -
schneider-electric tsxp57304m_firmware -
schneider-electric tsxp57304m -
schneider-electric tsxp57354m_firmware -
schneider-electric tsxp57354m -
schneider-electric tsxp573634m_firmware -
schneider-electric tsxp573634m -
schneider-electric tsxp57454m_firmware -
schneider-electric tsxp57454m -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxh5724mc_firmware -
schneider-electric tsxh5724mc -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57104mc_firmware -
schneider-electric tsxp57104mc -
schneider-electric tsxp57154mc_firmware -
schneider-electric tsxp57154mc -
schneider-electric tsxp571634mc_firmware -
schneider-electric tsxp571634mc -
schneider-electric tsxp57204mc_firmware -
schneider-electric tsxp57204mc -
schneider-electric tsxp57254mc_firmware -
schneider-electric tsxp57254mc -
schneider-electric tsxp572634mc_firmware -
schneider-electric tsxp572634mc -
schneider-electric tsxp57304mc_firmware -
schneider-electric tsxp57304mc -
schneider-electric tsxp57354mc_firmware -
schneider-electric tsxp57354mc -
schneider-electric tsxp573634mc_firmware -
schneider-electric tsxp573634mc -
schneider-electric tsxp57454mc_firmware -
schneider-electric tsxp57454mc -
schneider-electric tsxp574634mc_firmware -
schneider-electric tsxp574634mc -
schneider-electric tsxp57554mc_firmware -
schneider-electric tsxp57554mc -
schneider-electric tsxp575634mc_firmware -
schneider-electric tsxp575634mc -
schneider-electric tsxp576634mc_firmware -
schneider-electric tsxp576634mc -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57554m_firmware -
schneider-electric tsxp57554m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA48015-57C1-4371-8B9D-FFDEE461D227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF43229-1E2E-493A-B44F-DD2870559A93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7003BE27-3D26-46F9-BF51-5E026EA2AED6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37B3D0A-D1AA-494F-B26B-70BA8D1E8D6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F363F812-4BF2-450C-BC40-48A136746B9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B36E6DC-D407-4A3B-9ED3-1683EEE83299",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C8629-A8CF-4B8E-AB03-0425C30A40C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E092BBB-F315-4541-B8B2-BF9E1B75B041",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F2BE6-CF9E-48BB-B525-6B8F4C0B203E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECDF56E-7F6B-4048-AAAA-0D80C685F6D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "616C2139-6063-4BB1-84C0-AECDBB9EC86C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA5A94A-09A0-4606-8DAE-0CDE1A372483",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A2EB59-CCEE-4123-8344-764959B32C3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE31953-8AEA-45AB-81A1-BCE9AC78A48D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B887DA-75CD-465C-8B02-4DF1A063F3B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F9986A-4089-429E-BFD7-131C3BE98B9E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AC4E35-E020-4E54-B1F7-01F4A9D9DEC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE1F4A9-D2EA-4A5B-8F9A-EFD961D4F49D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "106C756F-1A0D-486F-BA83-F1F6D9D5661E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1472068B-ECE2-46F4-AC91-43F5AFCA8C52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E33E1CF-BD62-4638-AD44-30A19063FCD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0A5B21-421E-4E89-A408-D9B1639D0902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DE4493-EC66-4A65-ACF1-085FEE3E350B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6520258-C8F2-48B3-AB65-281F46ECC6D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3D6BEFC-72CD-44D8-957A-EC09429C5B01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DEC794-B68A-40DC-8F84-00CBEB8864DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BC8D38-1297-43F7-864F-693979F17BB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAC53A2-F2DA-41C5-9699-EC421B3143E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F1346D-8D14-498D-A692-C1A5A0EF9378",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3202C35B-3356-43FA-84C1-A2444665EA56",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6C1584-7ABD-427B-8321-1F5C8D3948A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B7568D-8C01-4268-BAB6-A4849BFD3FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62618355-F206-4112-95D0-4555377AB20F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "786D8BB6-FD4D-41FB-BECB-8E4A70DA2BB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE46047-D9AF-4720-A130-A0F989423F82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC7B128-2CCC-46BA-B3EC-BF4AD8A788C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14B9070-7919-40FE-AE5E-C56F88D87000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C65BC1-802C-4877-81C7-247D23CC5A9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09680CF4-5A88-4DEB-BD05-44BA24685098",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B26315A-DA7B-48DC-93D2-ED292095CDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D605BE-1CB9-4954-BF09-BA666E722BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6F4125-6D52-4788-B5BA-C4022C8079C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5030BD7-A01B-4069-800B-0A91F55D14E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00916712-0D0F-41FF-A977-95F98637FA27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "560A0D6E-6A0C-46E6-9216-C3369594B2FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F3A2B5D-BEE1-4504-8196-B29EB0CC5A9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D1C05A-AD02-43F1-B508-DC0ED0F269EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "403ABCAE-2F5F-4E3B-9DDF-2E8E554CC9B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "588F84BE-C0F5-4271-BE93-7EB721885390",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42C42113-3B11-4F71-8509-07758903AFEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E32B09-3874-4198-BA17-332811B313CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D4613F-7210-411C-B4D7-BC4EF5629686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D70CDDC-9CE8-4766-8251-B87C1BE5F693",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B5326F-97AF-45EC-8F47-A449718A6A0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60FE0FD-2283-460D-98D6-7FDAF370F951",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "612F0F44-8611-4F22-88E2-E085094418B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CBF69B-2CB1-4FD7-8004-BA76E1DD832C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF4C1F-1883-40F2-B966-0A282B26C503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5647F4AB-8D54-42F9-BFF3-5AA22D07E694",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93134D1F-3F9C-42CC-B050-2FE4A41ECEA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0A6EF5-9A76-4985-9411-44184BA51303",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBE84C1-A5B1-4E8B-9CE1-D3243D7FD228",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3B77B6-AAF8-456C-8B04-3623EB0E968E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88E0D7A-31DE-42E2-931A-E428B4515B2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD43A71-5615-4A3D-8AB9-F714827ADEE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD593582-806E-4C6D-B07A-CB31161AEFA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "827D5E75-1491-4485-B22B-E81AC90B923C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DE3518-2898-4D71-80ED-8C73FFE9E436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerable hash algorithms exists in Schneider Electric\u0027s Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. The algorithm used to encrypt the password is vulnerable to hash collision attacks."
    },
    {
      "lang": "es",
      "value": "Existen algoritmos de hash vulnerables en los controladores Modicon Premium, Modicon Quantum, Modicon M340 y BMXNOR0200, de Schneider Electric, en todas las versiones de los m\u00f3dulos de comunicaci\u00f3n. El algoritmo empleado para cifrar la contrase\u00f1a es vulnerable a ataques de colisi\u00f3n de hash."
    }
  ],
  "id": "CVE-2018-7242",
  "lastModified": "2024-11-21T04:11:51.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-18T20:29:00.373",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103543"
    },
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
    },
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/103543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-18-086-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-01/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-326"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2015-12-21 11:59
Modified
2024-11-21 02:37
Severity ?
Summary
Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.
References
ics-cert@hq.dhs.govhttp://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01Vendor Advisory
ics-cert@hq.dhs.govhttp://www.securityfocus.com/bid/79622
ics-cert@hq.dhs.govhttps://ics-cert.us-cert.gov/advisories/ICSA-15-351-01Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/79622
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
schneider-electric bmxnoc0401 -
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0100h -
schneider-electric bmxnoe0110 -
schneider-electric bmxnoe0110h -
schneider-electric bmxnor0200 -
schneider-electric bmxnor0200h -
schneider-electric bmxpra0100 -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C37C1E3E-CA86-4AB5-82A8-BA758F02475D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E47DB14-EF4B-4E4E-9DA2-B3F6EFA72BF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF43229-1E2E-493A-B44F-DD2870559A93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxpra0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "87FE8964-ECA5-4F5C-933D-F527BDDA1316",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de buffer basado en pila en GoAhead Web Server en dispositivos Schneider Electric Modicon M340 PLC BMXNOx y BMXPx permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una contrase\u00f1a larga en los datos de HTTP Basic Authentication."
    }
  ],
  "id": "CVE-2015-7937",
  "lastModified": "2024-11-21T02:37:41.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-12-21T11:59:12.097",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "http://www.securityfocus.com/bid/79622"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2015-344-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/79622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-351-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-03-21 19:29
Modified
2024-11-21 02:35
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page.
References
ics-cert@hq.dhs.govhttps://ics-cert.us-cert.gov/advisories/ICSA-15-246-02Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
schneider-electric bmxnoc0401_firmware -
schneider-electric bmxnoc0401 -
schneider-electric bmxnoe0100_firmware -
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware -
schneider-electric bmxnoe0110 -
schneider-electric bmxnoe0110h_firmware -
schneider-electric bmxnoe0110h -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware -
schneider-electric modicon_m340_bmxp342030h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1769F1F-EAA9-4EE6-9333-A9A4EF4F0F44",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6712F95-3145-4A61-AF36-F0ECEE961ACD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E813C6-D9FF-4BEE-969C-FD3C347AE9AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C19F796-5548-45AA-ACED-25D9E640306E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E47DB14-EF4B-4E4E-9DA2-B3F6EFA72BF4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90674B8F-C4BD-46AF-A86D-A01531074FB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBDA1A8F-6AAF-4D09-9DB4-FACAB918963C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page."
    },
    {
      "lang": "es",
      "value": "La inclusi\u00f3n de archivos remotos permite que un atacante manipule una URL espec\u00edfica que referencia al servidor web PLC de Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H o BMXP342030H, de Schneider Electric, el cual, una vez lanzado, resultar\u00e1 en la redirecci\u00f3n del navegador a un archivo remoto mediante un script de Java cargado con la p\u00e1gina web."
    }
  ],
  "id": "CVE-2015-6461",
  "lastModified": "2024-11-21T02:35:00.673",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-21T19:29:00.267",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-98"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-08/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-08/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2208FD-0126-4ECF-97DF-89998EE90A5F",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB772761-8859-4AA5-ACAC-4A5859FCE0A9",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0DB061-8B7F-4FEC-9275-6FFE045DCE81",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAA3B4D9-7F47-4813-9784-EB7BF53A32DE",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7D852A-18A3-4AB8-B6AD-4B9815950CC4",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4325AE79-6FDA-47A7-B3A6-C47C5C2C510D",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6149E270-E76E-4011-A488-2571499A6C76",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AF74D66-DEF7-4A05-A6FC-15645BA8B8AB",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A4810AB-2986-4152-9E48-488959A15361",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum y Modicon Premium (consulte las notificaciones de seguridad para las versiones afectadas), que podr\u00eda causar una denegaci\u00f3n de servicio cuando una petici\u00f3n Read Physical Memory especialmente dise\u00f1ada a trav\u00e9s de Modbus es enviada hacia el controlador"
    }
  ],
  "id": "CVE-2020-7542",
  "lastModified": "2024-11-21T05:37:20.843",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.517",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-02-11 18:15
Modified
2024-11-21 05:50
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02Patch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric bmxnor0200h_rtu_firmware *
schneider-electric bmxnor0200h_rtu -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140noe771x1_firmware *
schneider-electric 140noe771x1 -
schneider-electric 140noc78x00_firmware *
schneider-electric 140noc78x00 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "866BFE7D-D688-40B1-B6E9-B140529001C3",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E00817A-E140-418F-93AB-A9B516F090A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F33A35-37ED-41AD-94A2-34FEA8E7259B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF0DA3B-F89B-487D-AAE6-AEA88E28055A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_rtu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9318D16-AA6D-4DE4-B812-D995B291E802",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h_rtu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D792EDB-A93E-495B-AF0A-486C9AC6BACA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe771x1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1468EBB2-8AD8-4886-B4A9-13D1F34EFD8B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe771x1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6EFD78F-DB37-4407-A91C-9D01FA9CAF2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78x00_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E80811-AE57-4B01-B3D5-4B346A9F3D8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78x00:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F4A72EA-E15A-4C31-B0F3-6B9EB48A09B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B16121-8DC3-4EA1-AC7B-D611A1C3C9A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "066E3E6C-8A0E-4360-A4ED-32A84B7647FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B418F6-DCED-40B9-8B35-DC50FD8EF6FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-20: Improper Input Validation vulnerability exists that could cause denial of service of the device when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
    },
    {
      "lang": "es",
      "value": "Una CWE-20: Se presenta una vulnerabilidad de Comprobaci\u00f3n de Entrada Inapropiada que podr\u00eda causar una denegaci\u00f3n de servicio del dispositivo cuando un atacante env\u00eda una petici\u00f3n HTTP especialmente dise\u00f1ada al servidor web del dispositivo. Producto afectado: CPUs Modicon M340: BMXP34 (Versiones anteriores a V3.40), M\u00f3dulos de Comunicaci\u00f3n Ethernet Modicon M340 X80: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (Todas las versiones), Procesadores Modicon Premium con Ethernet integrada (Copro): TSXP574634, TSXP575634, TSXP576634 (Todas las versiones), Procesadores Modicon Quantum con Ethernet integrado (Copro): 140CPU65xxxxx (Todas las versiones), M\u00f3dulos de comunicaci\u00f3n Modicon Quantum: 140NOE771x1, 140NOC78x00, 140NOC77101 (Todas las versiones), M\u00f3dulos de comunicaci\u00f3n Modicon Premium: TSXETY4103, TSXETY5103 (todas las versiones)"
    }
  ],
  "id": "CVE-2021-22787",
  "lastModified": "2024-11-21T05:50:40.090",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-02-11T18:15:09.000",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-01-06 23:15
Modified
2024-11-21 04:47
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Summary
Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2019-344-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2019-344-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric ecostruxure_control_expert *
schneider-electric ecostruxure_control_expert 14.1
schneider-electric unity_pro *
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmeh584040_firmware *
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmeh586040_firmware *
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmeh582040_firmware *
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmep584040s_firmware *
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmeh584040s_firmware *
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040s_firmware *
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep582040s_firmware *
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10BD615A-F82C-4CCA-BB41-89F6EF5467F1",
              "versionEndExcluding": "14.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:14.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "D34F92F7-2058-43F0-BCF1-2925E12D29E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:unity_pro:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "51476F6C-7515-4DD4-8D3D-5E86C1EEFC06",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5449E755-4992-4000-BD4D-B4B8E2E3DD3F",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AA81375-45BC-4363-A983-927CF387A4A0",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37811A48-CDDE-4C7E-B255-596D51932BE8",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBA066DD-C0D5-413E-B858-DEA3B2E3B3B5",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB88DA1F-6526-4EEA-AFDE-F09B33903F48",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8769D3F1-4E16-40EC-A0D6-EFC5C7C6A483",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F42514A-3D4B-4E01-8A74-9CD2FD516002",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D3B6735-D709-43FD-8EA3-A09522584C10",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA007461-EE11-41F0-90C4-8A23E8FFED62",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D87361A5-1E59-48C1-8097-6B3D3538F4F2",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "07C4644B-E7D7-49D9-867D-35E58D13B4C7",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0C67FC1-8EA6-447C-9891-B5242783C614",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEB4D826-414C-4E89-BC13-33FA6FE1BE5A",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2B68D4E-EBE5-4E44-AA7E-F8D53F32D3C5",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7A39833-AA85-4003-99F9-9FC4DA98895E",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "39597434-BDCF-4515-8EAE-7A392CAD3E13",
              "versionEndExcluding": "3.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86401BD9-9D3F-4626-A299-6AFD5A7C6A95",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "16101586-1908-497E-84A2-BD204693317C",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC91F3A5-7032-45DD-8897-0A63FDD25550",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA9F5C74-1CF8-47E8-B3AB-2F87FCD25D28",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "486E0121-1C3B-4EDC-9D76-292648A96764",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86401BD9-9D3F-4626-A299-6AFD5A7C6A95",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause a bypass of the authentication process between EcoStruxure Control Expert and the M340 and M580 controllers."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de Autorizaci\u00f3n Incorrecta en EcoStruxure Control Expert (todas las versiones anteriores a la 14.1 Hot Fix), Unity Pro (todas las versiones), Modicon M340 (todas las versiones anteriores a la V3.20) , y Modicon M580 (todas las versiones anteriores a la V3.10), que podr\u00eda causar un bypass del proceso de autenticaci\u00f3n entre EcoStruxure Control Expert y los controladores M340 y M580"
    }
  ],
  "id": "CVE-2019-6855",
  "lastModified": "2024-11-21T04:47:17.287",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-06T23:15:11.237",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2019-344-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-06/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-06/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140noc78100_firmware *
schneider-electric 140noc78100 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C045040-20CA-488D-A36D-A433754A33E8",
              "versionEndExcluding": "3.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A33A381-6772-4137-A677-5F73EA398FF6",
              "versionEndExcluding": "6.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF0DA3B-F89B-487D-AAE6-AEA88E28055A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FC49273-1C5D-4E0E-B484-0269CDA4E655",
              "versionEndExcluding": "7.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D11C9B98-3119-41CF-8320-447E7E00977E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1067FDEA-33BC-4AA9-AC5B-099BA757065B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A62DEBF-6343-48BB-835C-64AE9D8F956A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "066E3E6C-8A0E-4360-A4ED-32A84B7647FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B418F6-DCED-40B9-8B35-DC50FD8EF6FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en el Servidor Web en Modicon M340, Legacy Offers Modicon Quantum y Modicon Premium y M\u00f3dulos de Comunicaci\u00f3n asociados (consulte la notificaci\u00f3n de seguridad para las versiones afectadas), que podr\u00eda causar una denegaci\u00f3n de servicios HTTP y FTP cuando una serie de peticiones especialmente dise\u00f1adas  a trav\u00e9s de HTTP son enviadas hacia el controlador"
    }
  ],
  "id": "CVE-2020-7549",
  "lastModified": "2024-11-21T05:37:21.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.627",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-06/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-02 17:15
Modified
2024-11-21 05:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05Not Applicable
nvd@nist.govhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05Not Applicable
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_mc80_bmkc8020301 -
schneider-electric modicon_mc80_bmkc8020310 -
schneider-electric modicon_mc80_bmkc8030311 -
schneider-electric modicon_momentum_171cbu78090 -
schneider-electric modicon_momentum_171cbu98090 -
schneider-electric modicon_momentum_171cbu98091 -
schneider-electric modicon_premium_tsxp57_1634m -
schneider-electric modicon_premium_tsxp57_2634m -
schneider-electric modicon_premium_tsxp57_2834m -
schneider-electric modicon_premium_tsxp57_454m -
schneider-electric modicon_premium_tsxp57_4634m -
schneider-electric modicon_premium_tsxp57_554m -
schneider-electric modicon_premium_tsxp57_5634m -
schneider-electric modicon_premium_tsxp57_6634m -
schneider-electric modicon_quantum_140cpu65150 -
schneider-electric modicon_quantum_140cpu65150c -
schneider-electric modicon_quantum_140cpu65160 -
schneider-electric modicon_quantum_140cpu65160c -
schneider-electric plc_simulator_for_ecostruxure_control_expert -
schneider-electric plc_simulator_for_ecostruxure_process_expert -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "UN CWE-125: Una vulnerabilidad de Lectura Fuera de L\u00edmites que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* y BMEH*, todas las versiones), CPU Modicon M340 (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), CPU Modicon Momentum Ethernet (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator for EcoStruxure\u00aa Control Expert, incluyendo todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator for EcoStruxure\u00aa Process Expert incluyendo todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22790",
  "lastModified": "2024-11-21T05:50:40.513",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.237",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-02 17:15
Modified
2024-11-21 05:50
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07Not Applicable
nvd@nist.govhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07Not Applicable
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_mc80_bmkc8020301 -
schneider-electric modicon_mc80_bmkc8020310 -
schneider-electric modicon_mc80_bmkc8030311 -
schneider-electric modicon_momentum_171cbu78090 -
schneider-electric modicon_momentum_171cbu98090 -
schneider-electric modicon_momentum_171cbu98091 -
schneider-electric modicon_premium_tsxp57_1634m -
schneider-electric modicon_premium_tsxp57_2634m -
schneider-electric modicon_premium_tsxp57_2834m -
schneider-electric modicon_premium_tsxp57_454m -
schneider-electric modicon_premium_tsxp57_4634m -
schneider-electric modicon_premium_tsxp57_554m -
schneider-electric modicon_premium_tsxp57_5634m -
schneider-electric modicon_premium_tsxp57_6634m -
schneider-electric modicon_quantum_140cpu65150 -
schneider-electric modicon_quantum_140cpu65150c -
schneider-electric modicon_quantum_140cpu65160 -
schneider-electric modicon_quantum_140cpu65160c -
schneider-electric plc_simulator_for_ecostruxure_control_expert -
schneider-electric plc_simulator_for_ecostruxure_process_expert -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "Una CWE-476: Una vulnerabilidad de Desreferencia de Puntero NULL que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* and BMEH*, todas las versiones), Modicon M340 CPU (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), Modicon Momentum Ethernet CPU (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator para EcoStruxure\u00aa Control Expert, incluidas todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator para EcoStruxure\u00aa Process Expert, incluidas todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22792",
  "lastModified": "2024-11-21T05:50:40.770",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.343",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-18 20:29
Modified
2024-11-21 04:12
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.
References
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric bmxnor0200_firmware -
schneider-electric bmxnor0200 -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric 140cpu65150_firmware -
schneider-electric 140cpu65150 -
schneider-electric 140cpu31110_firmware -
schneider-electric 140cpu31110 -
schneider-electric 140cpu43412u_firmware -
schneider-electric 140cpu43412u -
schneider-electric 140cpu65160_firmware -
schneider-electric 140cpu65160 -
schneider-electric 140cpu65260_firmware -
schneider-electric 140cpu65260 -
schneider-electric 140cpu65860_firmware -
schneider-electric 140cpu65860 -
schneider-electric 140cpu65160s_firmware -
schneider-electric 140cpu65160s -
schneider-electric 140cpu65150c_firmware -
schneider-electric 140cpu65150c -
schneider-electric 140cpu31110c_firmware -
schneider-electric 140cpu31110c -
schneider-electric 140cpu43412uc_firmware -
schneider-electric 140cpu43412uc -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65260c_firmware -
schneider-electric 140cpu65260c -
schneider-electric 140cpu65860c_firmware -
schneider-electric 140cpu65860c -
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp341000h_firmware -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744m_firmware -
schneider-electric tsxh5744m -
schneider-electric tsxp57104m_firmware -
schneider-electric tsxp57104m -
schneider-electric tsxp57154m_firmware -
schneider-electric tsxp57154m -
schneider-electric tsxp571634m_firmware -
schneider-electric tsxp571634m -
schneider-electric tsxp57204m_firmware -
schneider-electric tsxp57204m -
schneider-electric tsxp57254m_firmware -
schneider-electric tsxp57254m -
schneider-electric tsxp572634m_firmware -
schneider-electric tsxp572634m -
schneider-electric tsxp57304m_firmware -
schneider-electric tsxp57304m -
schneider-electric tsxp57354m_firmware -
schneider-electric tsxp57354m -
schneider-electric tsxp573634m_firmware -
schneider-electric tsxp573634m -
schneider-electric tsxp57454m_firmware -
schneider-electric tsxp57454m -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxh5724mc_firmware -
schneider-electric tsxh5724mc -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57104mc_firmware -
schneider-electric tsxp57104mc -
schneider-electric tsxp57154mc_firmware -
schneider-electric tsxp57154mc -
schneider-electric tsxp571634mc_firmware -
schneider-electric tsxp571634mc -
schneider-electric tsxp57204mc_firmware -
schneider-electric tsxp57204mc -
schneider-electric tsxp57254mc_firmware -
schneider-electric tsxp57254mc -
schneider-electric tsxp572634mc_firmware -
schneider-electric tsxp572634mc -
schneider-electric tsxp57304mc_firmware -
schneider-electric tsxp57304mc -
schneider-electric tsxp57354mc_firmware -
schneider-electric tsxp57354mc -
schneider-electric tsxp573634mc_firmware -
schneider-electric tsxp573634mc -
schneider-electric tsxp57454mc_firmware -
schneider-electric tsxp57454mc -
schneider-electric tsxp574634mc_firmware -
schneider-electric tsxp574634mc -
schneider-electric tsxp57554mc_firmware -
schneider-electric tsxp57554mc -
schneider-electric tsxp575634mc_firmware -
schneider-electric tsxp575634mc -
schneider-electric tsxp576634mc_firmware -
schneider-electric tsxp576634mc -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57554m_firmware -
schneider-electric tsxp57554m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA48015-57C1-4371-8B9D-FFDEE461D227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF43229-1E2E-493A-B44F-DD2870559A93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7003BE27-3D26-46F9-BF51-5E026EA2AED6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37B3D0A-D1AA-494F-B26B-70BA8D1E8D6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F363F812-4BF2-450C-BC40-48A136746B9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B36E6DC-D407-4A3B-9ED3-1683EEE83299",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C8629-A8CF-4B8E-AB03-0425C30A40C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E092BBB-F315-4541-B8B2-BF9E1B75B041",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F2BE6-CF9E-48BB-B525-6B8F4C0B203E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECDF56E-7F6B-4048-AAAA-0D80C685F6D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "616C2139-6063-4BB1-84C0-AECDBB9EC86C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA5A94A-09A0-4606-8DAE-0CDE1A372483",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A2EB59-CCEE-4123-8344-764959B32C3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE31953-8AEA-45AB-81A1-BCE9AC78A48D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B887DA-75CD-465C-8B02-4DF1A063F3B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F9986A-4089-429E-BFD7-131C3BE98B9E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AC4E35-E020-4E54-B1F7-01F4A9D9DEC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE1F4A9-D2EA-4A5B-8F9A-EFD961D4F49D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "106C756F-1A0D-486F-BA83-F1F6D9D5661E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1472068B-ECE2-46F4-AC91-43F5AFCA8C52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E33E1CF-BD62-4638-AD44-30A19063FCD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0A5B21-421E-4E89-A408-D9B1639D0902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DE4493-EC66-4A65-ACF1-085FEE3E350B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6520258-C8F2-48B3-AB65-281F46ECC6D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3D6BEFC-72CD-44D8-957A-EC09429C5B01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DEC794-B68A-40DC-8F84-00CBEB8864DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BC8D38-1297-43F7-864F-693979F17BB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAC53A2-F2DA-41C5-9699-EC421B3143E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F1346D-8D14-498D-A692-C1A5A0EF9378",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3202C35B-3356-43FA-84C1-A2444665EA56",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6C1584-7ABD-427B-8321-1F5C8D3948A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B7568D-8C01-4268-BAB6-A4849BFD3FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62618355-F206-4112-95D0-4555377AB20F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "786D8BB6-FD4D-41FB-BECB-8E4A70DA2BB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE46047-D9AF-4720-A130-A0F989423F82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC7B128-2CCC-46BA-B3EC-BF4AD8A788C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14B9070-7919-40FE-AE5E-C56F88D87000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C65BC1-802C-4877-81C7-247D23CC5A9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09680CF4-5A88-4DEB-BD05-44BA24685098",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B26315A-DA7B-48DC-93D2-ED292095CDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D605BE-1CB9-4954-BF09-BA666E722BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6F4125-6D52-4788-B5BA-C4022C8079C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5030BD7-A01B-4069-800B-0A91F55D14E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00916712-0D0F-41FF-A977-95F98637FA27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "560A0D6E-6A0C-46E6-9216-C3369594B2FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F3A2B5D-BEE1-4504-8196-B29EB0CC5A9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D1C05A-AD02-43F1-B508-DC0ED0F269EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "403ABCAE-2F5F-4E3B-9DDF-2E8E554CC9B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "588F84BE-C0F5-4271-BE93-7EB721885390",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42C42113-3B11-4F71-8509-07758903AFEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E32B09-3874-4198-BA17-332811B313CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D4613F-7210-411C-B4D7-BC4EF5629686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D70CDDC-9CE8-4766-8251-B87C1BE5F693",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B5326F-97AF-45EC-8F47-A449718A6A0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60FE0FD-2283-460D-98D6-7FDAF370F951",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "612F0F44-8611-4F22-88E2-E085094418B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CBF69B-2CB1-4FD7-8004-BA76E1DD832C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF4C1F-1883-40F2-B966-0A282B26C503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5647F4AB-8D54-42F9-BFF3-5AA22D07E694",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93134D1F-3F9C-42CC-B050-2FE4A41ECEA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0A6EF5-9A76-4985-9411-44184BA51303",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBE84C1-A5B1-4E8B-9CE1-D3243D7FD228",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3B77B6-AAF8-456C-8B04-3623EB0E968E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88E0D7A-31DE-42E2-931A-E428B4515B2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD43A71-5615-4A3D-8AB9-F714827ADEE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD593582-806E-4C6D-B07A-CB31161AEFA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "827D5E75-1491-4485-B22B-E81AC90B923C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DE3518-2898-4D71-80ED-8C73FFE9E436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability exists in the web services to process SOAP requests in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad en los servicios web que procesan peticiones SOAP en Modicon M340, Modicon Premium, Modicon Quantum PLC y BMXNOR0200, de Schneider Electric, que podr\u00eda conducir a un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2018-7762",
  "lastModified": "2024-11-21T04:12:41.390",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-18T20:29:00.857",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-18 20:29
Modified
2024-11-21 04:12
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied.
References
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric bmxnor0200_firmware -
schneider-electric bmxnor0200 -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric 140cpu65150_firmware -
schneider-electric 140cpu65150 -
schneider-electric 140cpu31110_firmware -
schneider-electric 140cpu31110 -
schneider-electric 140cpu43412u_firmware -
schneider-electric 140cpu43412u -
schneider-electric 140cpu65160_firmware -
schneider-electric 140cpu65160 -
schneider-electric 140cpu65260_firmware -
schneider-electric 140cpu65260 -
schneider-electric 140cpu65860_firmware -
schneider-electric 140cpu65860 -
schneider-electric 140cpu65160s_firmware -
schneider-electric 140cpu65160s -
schneider-electric 140cpu65150c_firmware -
schneider-electric 140cpu65150c -
schneider-electric 140cpu31110c_firmware -
schneider-electric 140cpu31110c -
schneider-electric 140cpu43412uc_firmware -
schneider-electric 140cpu43412uc -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65260c_firmware -
schneider-electric 140cpu65260c -
schneider-electric 140cpu65860c_firmware -
schneider-electric 140cpu65860c -
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp341000h_firmware -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744m_firmware -
schneider-electric tsxh5744m -
schneider-electric tsxp57104m_firmware -
schneider-electric tsxp57104m -
schneider-electric tsxp57154m_firmware -
schneider-electric tsxp57154m -
schneider-electric tsxp571634m_firmware -
schneider-electric tsxp571634m -
schneider-electric tsxp57204m_firmware -
schneider-electric tsxp57204m -
schneider-electric tsxp57254m_firmware -
schneider-electric tsxp57254m -
schneider-electric tsxp572634m_firmware -
schneider-electric tsxp572634m -
schneider-electric tsxp57304m_firmware -
schneider-electric tsxp57304m -
schneider-electric tsxp57354m_firmware -
schneider-electric tsxp57354m -
schneider-electric tsxp573634m_firmware -
schneider-electric tsxp573634m -
schneider-electric tsxp57454m_firmware -
schneider-electric tsxp57454m -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxh5724mc_firmware -
schneider-electric tsxh5724mc -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57104mc_firmware -
schneider-electric tsxp57104mc -
schneider-electric tsxp57154mc_firmware -
schneider-electric tsxp57154mc -
schneider-electric tsxp571634mc_firmware -
schneider-electric tsxp571634mc -
schneider-electric tsxp57204mc_firmware -
schneider-electric tsxp57204mc -
schneider-electric tsxp57254mc_firmware -
schneider-electric tsxp57254mc -
schneider-electric tsxp572634mc_firmware -
schneider-electric tsxp572634mc -
schneider-electric tsxp57304mc_firmware -
schneider-electric tsxp57304mc -
schneider-electric tsxp57354mc_firmware -
schneider-electric tsxp57354mc -
schneider-electric tsxp573634mc_firmware -
schneider-electric tsxp573634mc -
schneider-electric tsxp57454mc_firmware -
schneider-electric tsxp57454mc -
schneider-electric tsxp574634mc_firmware -
schneider-electric tsxp574634mc -
schneider-electric tsxp57554mc_firmware -
schneider-electric tsxp57554mc -
schneider-electric tsxp575634mc_firmware -
schneider-electric tsxp575634mc -
schneider-electric tsxp576634mc_firmware -
schneider-electric tsxp576634mc -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57554m_firmware -
schneider-electric tsxp57554m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA48015-57C1-4371-8B9D-FFDEE461D227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF43229-1E2E-493A-B44F-DD2870559A93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7003BE27-3D26-46F9-BF51-5E026EA2AED6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37B3D0A-D1AA-494F-B26B-70BA8D1E8D6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F363F812-4BF2-450C-BC40-48A136746B9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B36E6DC-D407-4A3B-9ED3-1683EEE83299",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C8629-A8CF-4B8E-AB03-0425C30A40C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E092BBB-F315-4541-B8B2-BF9E1B75B041",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F2BE6-CF9E-48BB-B525-6B8F4C0B203E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECDF56E-7F6B-4048-AAAA-0D80C685F6D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "616C2139-6063-4BB1-84C0-AECDBB9EC86C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA5A94A-09A0-4606-8DAE-0CDE1A372483",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A2EB59-CCEE-4123-8344-764959B32C3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE31953-8AEA-45AB-81A1-BCE9AC78A48D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B887DA-75CD-465C-8B02-4DF1A063F3B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F9986A-4089-429E-BFD7-131C3BE98B9E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AC4E35-E020-4E54-B1F7-01F4A9D9DEC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE1F4A9-D2EA-4A5B-8F9A-EFD961D4F49D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "106C756F-1A0D-486F-BA83-F1F6D9D5661E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1472068B-ECE2-46F4-AC91-43F5AFCA8C52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E33E1CF-BD62-4638-AD44-30A19063FCD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0A5B21-421E-4E89-A408-D9B1639D0902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DE4493-EC66-4A65-ACF1-085FEE3E350B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6520258-C8F2-48B3-AB65-281F46ECC6D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3D6BEFC-72CD-44D8-957A-EC09429C5B01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DEC794-B68A-40DC-8F84-00CBEB8864DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BC8D38-1297-43F7-864F-693979F17BB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAC53A2-F2DA-41C5-9699-EC421B3143E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F1346D-8D14-498D-A692-C1A5A0EF9378",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3202C35B-3356-43FA-84C1-A2444665EA56",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6C1584-7ABD-427B-8321-1F5C8D3948A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B7568D-8C01-4268-BAB6-A4849BFD3FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62618355-F206-4112-95D0-4555377AB20F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "786D8BB6-FD4D-41FB-BECB-8E4A70DA2BB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE46047-D9AF-4720-A130-A0F989423F82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC7B128-2CCC-46BA-B3EC-BF4AD8A788C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14B9070-7919-40FE-AE5E-C56F88D87000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C65BC1-802C-4877-81C7-247D23CC5A9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09680CF4-5A88-4DEB-BD05-44BA24685098",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B26315A-DA7B-48DC-93D2-ED292095CDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D605BE-1CB9-4954-BF09-BA666E722BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6F4125-6D52-4788-B5BA-C4022C8079C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5030BD7-A01B-4069-800B-0A91F55D14E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00916712-0D0F-41FF-A977-95F98637FA27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "560A0D6E-6A0C-46E6-9216-C3369594B2FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F3A2B5D-BEE1-4504-8196-B29EB0CC5A9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D1C05A-AD02-43F1-B508-DC0ED0F269EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "403ABCAE-2F5F-4E3B-9DDF-2E8E554CC9B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "588F84BE-C0F5-4271-BE93-7EB721885390",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42C42113-3B11-4F71-8509-07758903AFEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E32B09-3874-4198-BA17-332811B313CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D4613F-7210-411C-B4D7-BC4EF5629686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D70CDDC-9CE8-4766-8251-B87C1BE5F693",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B5326F-97AF-45EC-8F47-A449718A6A0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60FE0FD-2283-460D-98D6-7FDAF370F951",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "612F0F44-8611-4F22-88E2-E085094418B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CBF69B-2CB1-4FD7-8004-BA76E1DD832C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF4C1F-1883-40F2-B966-0A282B26C503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5647F4AB-8D54-42F9-BFF3-5AA22D07E694",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93134D1F-3F9C-42CC-B050-2FE4A41ECEA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0A6EF5-9A76-4985-9411-44184BA51303",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBE84C1-A5B1-4E8B-9CE1-D3243D7FD228",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3B77B6-AAF8-456C-8B04-3623EB0E968E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88E0D7A-31DE-42E2-931A-E428B4515B2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD43A71-5615-4A3D-8AB9-F714827ADEE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD593582-806E-4C6D-B07A-CB31161AEFA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "827D5E75-1491-4485-B22B-E81AC90B923C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DE3518-2898-4D71-80ED-8C73FFE9E436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A buffer overflow vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. The buffer overflow vulnerability is caused by the length of the source string specified (instead of the buffer size) as the number of bytes to be copied."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de desbordamiento de b\u00fafer en Modicon M340, Modicon Premium, Modicon Quantum PLC y BMXNOR0200, de Schneider Electric. La vulnerabilidad de desbordamiento de b\u00fafer se provoca por el tama\u00f1o de la cadena de origen especificada (en lugar del tama\u00f1o del b\u00fafer) como n\u00famero de bytes que deben copiarse."
    }
  ],
  "id": "CVE-2018-7759",
  "lastModified": "2024-11-21T04:12:40.943",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-18T20:29:00.683",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2023-02-01 04:15
Modified
2024-11-21 05:50
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdfPatch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp342010_firmware *
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware *
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware *
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware *
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware *
schneider-electric modicon_m340_bmxp342030h -
schneider-electric modicon_m580_bmeh582040_firmware *
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c_firmware *
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s_firmware *
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040_firmware *
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c_firmware *
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s_firmware *
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040_firmware *
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c_firmware *
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s_firmware *
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h_firmware *
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h_firmware *
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h_firmware *
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s_firmware *
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s_firmware *
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c_firmware *
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c_firmware *
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_momentum_171cbu78090_firmware *
schneider-electric modicon_momentum_171cbu78090 -
schneider-electric modicon_momentum_171cbu98090_firmware *
schneider-electric modicon_momentum_171cbu98090 -
schneider-electric modicon_momentum_171cbu98091_firmware *
schneider-electric modicon_momentum_171cbu98091 -
schneider-electric modicon_mc80_bmkc8020301_firmware *
schneider-electric modicon_mc80_bmkc8020301 -
schneider-electric modicon_mc80_bmkc8020310_firmware *
schneider-electric modicon_mc80_bmkc8020310 -
schneider-electric modicon_mc80_bmkc8030311_firmware *
schneider-electric modicon_mc80_bmkc8030311 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D891E712-7FA2-4CB2-B2EE-EAC1BB172993",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "741AED85-8328-4050-8780-487F0B4F6EBB",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A85EE6A-6D75-4A5E-8778-69D909ADA0F8",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "77202E5E-F1E5-424D-A7CB-1AADC61AF2A6",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "866BFE7D-D688-40B1-B6E9-B140529001C3",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F7B762-250F-4E44-ADE4-DA133CA13194",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91B5097C-C807-4876-A398-284180B2A5A9",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "383AB87D-0244-46E6-A509-1C6A85357C37",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "03AF16B9-E1A6-42C1-9268-87F6C4F0C822",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7963099F-9045-48F3-AF78-818EAC56DF6A",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "75365643-792C-4629-9F55-0E72FE2CA421",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE16B26B-2833-410A-AD2E-FEB22A3314A5",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90196FCE-1FA7-4042-981B-DE15D94AEAE4",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "125AEA33-E18A-49FE-BF88-7E8F5EAD9C64",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB71FB34-5ADA-4C0E-B543-46771FB68A06",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "49F91CCB-F349-4D40-80F9-71D06C0C1FAA",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B4F452-B9AD-406D-B1CC-6178D03C78B8",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5448F5CF-8FB8-4757-9FD5-276159B7DAE9",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9DF405A-9B2B-4607-97CF-DE0F2BB27354",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "30433BF7-67D6-47F5-93FC-FDD227AF0FAE",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "773672C2-2CAF-4228-A1BE-440B2A082C9C",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F283DBAB-23CB-4D03-8780-11721A7A1A4B",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9516F92-B6CE-49E6-B300-EE722AAD7571",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C98F5559-FA1C-4048-B7DC-7D305EEF27F1",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36C82ED8-9F11-4189-8ACD-3AF589F7B5E5",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C51971DE-3C54-4166-A885-93CD7422BFCF",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DDDFF4B-AAF4-4E94-B003-E5ACA16B80B4",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72A74E1-F374-423E-8CDD-448836A1EC73",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D3A9B66-AFD1-40CE-A95B-C2E8AB39ED36",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "511F5135-3F09-443D-802F-1FE5D30C373C",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A780135C-34F9-451E-80FB-451467BA1D1B",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1A3344A-9259-41B0-BB39-91A171E10823",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB8948EA-A4F5-4C61-AF26-D7E74BB137FE",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFECD92C-1415-4780-9440-E899060EB88D",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C7FAF22-80AC-4933-8210-87200B769A4A",
              "versionEndIncluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu78090_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F6496D4-3FC1-4324-90C6-EB049E51E5FF",
              "versionEndExcluding": "2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98090_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C043867-197B-42C5-9023-9BA43EF90D20",
              "versionEndExcluding": "2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98091_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECCA96AA-E485-4B70-81EF-E4DB5ADC8B70",
              "versionEndExcluding": "2.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020301_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4C34115-3B58-458D-9835-0DE028593A50",
              "versionEndExcluding": "1.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020310_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B749D0E-FBEB-477E-B1FF-F09B34F41A94",
              "versionEndExcluding": "1.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8030311_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA1B1CD2-17D4-456F-ADB9-F22190097AB0",
              "versionEndExcluding": "1.70",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-200: Information Exposure vulnerability exists that could cause the exposure of sensitive information stored on the memory of the controller when communicating over the Modbus TCP protocol. Affected Products: Modicon M340 CPU (part numbers BMXP34*) (Versions prior to V3.30), Modicon M580 CPU (part numbers BMEP* and BMEH*) (Versions prior to SV3.20), Modicon MC80 (BMKC80) (Versions prior to V1.6), Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S) (All Versions), Modicon Momentum MDI (171CBU*) (Versions prior to V2.3), Legacy Modicon Quantum (All Versions)"
    }
  ],
  "id": "CVE-2021-22786",
  "lastModified": "2024-11-21T05:50:39.900",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-02-01T04:15:08.603",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-221-04\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2022-221-04-Modicon_Controllers_Ethernet_Modules_Security_Notification.pdf"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2014-10-03 18:55
Modified
2024-11-21 02:02
Severity ?
Summary
Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request.
References
ics-cert@hq.dhs.govhttp://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01&p_EnDocType=Software%20-%20Updates&p_File_Id=608959359&p_File_Name=SEVD-2014-260-01.pdfPatch, Vendor Advisory
ics-cert@hq.dhs.govhttp://www.securityfocus.com/bid/70193Third Party Advisory, VDB Entry
ics-cert@hq.dhs.govhttps://ics-cert.us-cert.gov/advisories/ICSA-14-273-01Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01&p_EnDocType=Software%20-%20Updates&p_File_Id=608959359&p_File_Name=SEVD-2014-260-01.pdfPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/70193Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
schneider-electric stbnic2212_firmware -
schneider-electric stbnic2212 -
schneider-electric stbnip2212_firmware -
schneider-electric stbnip2212 -
schneider-electric tsxetc0101_firmware -
schneider-electric tsxetc0101 -
schneider-electric tsxetc100_firmware -
schneider-electric tsxetc100 -
schneider-electric tsxp573623mc_firmware -
schneider-electric tsxp573623mc -
schneider-electric tsxety110ws_firmware -
schneider-electric tsxety110ws -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxety110wsc_firmware -
schneider-electric tsxety110wsc -
schneider-electric tsxp574823am_firmware -
schneider-electric tsxp574823am -
schneider-electric tsxety4103_firmware -
schneider-electric tsxety4103 -
schneider-electric tsxp574823m_firmware -
schneider-electric tsxp574823m -
schneider-electric tsxety4103c_firmware -
schneider-electric tsxety4103c -
schneider-electric tsxp574823mc_firmware -
schneider-electric tsxp574823mc -
schneider-electric tsxety5103_firmware -
schneider-electric tsxety5103 -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxety5103c_firmware -
schneider-electric tsxety5103c -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxetz410_firmware -
schneider-electric tsxetz410 -
schneider-electric tsxwmy100_firmware -
schneider-electric tsxwmy100 -
schneider-electric tsxetz510_firmware -
schneider-electric tsxetz510 -
schneider-electric tsxwmy100c_firmware -
schneider-electric tsxwmy100c -
schneider-electric tsxntp100_firmware -
schneider-electric tsxntp100 -
schneider-electric modicon_m580_bmxnoc0402_firmware -
schneider-electric modicon_m580_bmxnoc0402 -
schneider-electric modicon_m340_bmxnoe0100_firmware -
schneider-electric modicon_m340_bmxnoe0100 -
schneider-electric modicon_m340_bmxnoe0110_firmware -
schneider-electric modicon_m340_bmxnoe0110 -
schneider-electric modicon_m340_bmxnoe0110h_firmware -
schneider-electric modicon_m340_bmxnoe0110h -
schneider-electric modicon_m340_bmxnor0200h_firmware -
schneider-electric modicon_m340_bmxnor0200h -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware -
schneider-electric modicon_m340_bmxp342030h -
schneider-electric modicon_m340_bmxnoc0401_firmware -
schneider-electric modicon_m340_bmxnoc0401 -
schneider-electric 171ccc96020_firmware -
schneider-electric 171ccc96020 -
schneider-electric 171ccc96020c_firmware -
schneider-electric 171ccc96020c -
schneider-electric 171ccc96030_firmware -
schneider-electric 171ccc96030 -
schneider-electric 171ccc96030c_firmware -
schneider-electric 171ccc96030c -
schneider-electric 171ccc98020_firmware -
schneider-electric 171ccc98020 -
schneider-electric 171ccc98030_firmware -
schneider-electric 171ccc98030 -
schneider-electric modicon_m340_bmxnoc0401_firmware -
schneider-electric modicon_m340_bmxnoc0401 -
schneider-electric modicon_m580_bmxnoc0402_firmware -
schneider-electric modicon_m580_bmxnoc0402 -
schneider-electric modicon_m340_bmxnoe0110_firmware -
schneider-electric modicon_m340_bmxnoe0110 -
schneider-electric modicon_m340_bmxnoe0110h_firmware -
schneider-electric modicon_m340_bmxnoe0110h -
schneider-electric modicon_m340_bmxnor0200h_firmware -
schneider-electric modicon_m340_bmxnor0200h -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp342030_firmware -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware -
schneider-electric modicon_m340_bmxp342030h -
schneider-electric tsxetc100_firmware -
schneider-electric tsxetc100 -
schneider-electric tsxp573623mc_firmware -
schneider-electric tsxp573623mc -
schneider-electric tsxety110ws_firmware -
schneider-electric tsxety110ws -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxety110wsc_firmware -
schneider-electric tsxety110wsc -
schneider-electric tsxp574823am_firmware -
schneider-electric tsxp574823am -
schneider-electric tsxety4103_firmware -
schneider-electric tsxety4103 -
schneider-electric tsxp574823m_firmware -
schneider-electric tsxp574823m -
schneider-electric tsxety4103c_firmware -
schneider-electric tsxety4103c -
schneider-electric tsxp574823mc_firmware -
schneider-electric tsxp574823mc -
schneider-electric tsxety5103_firmware -
schneider-electric tsxety5103 -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxety5103c_firmware -
schneider-electric tsxety5103c -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxetz410_firmware -
schneider-electric tsxetz410 -
schneider-electric tsxwmy100_firmware -
schneider-electric tsxwmy100 -
schneider-electric tsxetz510_firmware -
schneider-electric tsxetz510 -
schneider-electric tsxwmy100c_firmware -
schneider-electric tsxwmy100c -
schneider-electric tsxntp100_firmware -
schneider-electric tsxntp100 -
schneider-electric tsxp571634m_firmware -
schneider-electric tsxp571634m -
schneider-electric tsxp572634m_firmware -
schneider-electric tsxp572634m -
schneider-electric tsxp573634m_firmware -
schneider-electric tsxp573634m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:stbnic2212_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAE6F21-BEF7-45F5-A1E1-F52081802FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:stbnic2212:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28F0530E-5EBD-4869-A905-08078F8EEA3D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:stbnip2212_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BB7B706-757E-42CB-97A2-5927B131C61D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:stbnip2212:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5BEE833-EA1E-4225-977C-089FD4BA8CF8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxetc0101_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0258629-6C04-47D0-8C59-7BE73815603C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxetc0101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB523276-7B3E-4A3A-9070-F27D6967A7AA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxetc100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A29F8D41-171E-41BE-B294-0F2317125445",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxetc100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC740EFF-A38E-4CFA-BF98-16C6C5CE4615",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573623mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FE52740-710B-4584-A600-5B45E9A90076",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573623mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63796B37-8350-49DC-8F14-9E212830C86C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety110ws_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92DCF9C9-8F9A-414C-AAB9-69F5459F0719",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety110ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA58DCD9-D224-4B25-82CC-2D4716762490",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety110wsc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C3399E-2B28-4CF8-9356-C871ABD689C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety110wsc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2D63BE6-86E4-4FF7-99DF-C76BB7FFFB7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574823am_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C772ACA-2B12-41C5-A805-58F5A1B1EE0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574823am:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AAB0C0E-F4AF-4C20-A301-82A03994C86A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A27D7568-6D5A-4AA5-8D4E-800B15BE1B6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574823m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "952314A3-D111-4AC5-B74B-FC849AE21E9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574823m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9D0A998-2761-4C05-8204-F1D09C343B82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8CC496A-B2DD-4082-AB1E-7BB9D2BAAC52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FC8450-FAF2-4EDD-B7B6-AED6FFE948A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574823mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BA42DDC-868B-4500-AB87-0BAB78AC3961",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574823mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F78AFA7-60DD-41CA-AB5B-4DA77473CECF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CFF2F6-DA65-4072-A56B-163C98890D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48FC153-8134-4B96-BD97-90C9C4C7753B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28483125-5A43-445E-B10B-495DA19AD762",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxetz410_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "240A96ED-D4EE-4ACE-A17C-55668AD24AFF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxetz410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E11C7B04-CF7E-47DC-9947-36FCD208B318",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxwmy100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBCF5C2-A6F9-4241-938E-8A730A8EF11A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxwmy100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37743EAD-3445-4DC1-82C7-DCA96A530A51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxetz510_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28D59F34-0098-4550-A4DC-5F98A2B67BB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxetz510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC4DF7D9-B51E-4B13-9104-DF16C8639979",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxwmy100c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14CE2CFA-4D4C-4796-8742-C056135ED6E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxwmy100c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E7DBFC-AE46-4608-87E3-08B2AE813BD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxntp100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "194F5A53-8062-465C-AABA-1BF7483EA716",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxntp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66AD7713-73F8-4271-8406-252DC80509DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmxnoc0402_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC6A7F3-D93C-44F2-B949-4AE070D89FC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmxnoc0402:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3A3232-1FCA-48E8-BAD8-E90D98F6D140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF09AE3B-C3D4-4519-9F79-0516C738EDB2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E7CAD05-06C7-4B77-9466-1581ACAD4416",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CCF6254-7166-430C-B969-96EB54C81330",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE2953A1-873B-4784-8353-6CD92FD2A558",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF9AB98-F2A7-4A74-9850-9B2C6F8CD17D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F2DDD4B-074E-4D36-8813-9B982D5C08BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D556F4-B7B8-4F75-973A-3192F880DA09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C597244C-325F-4F6F-84B4-193CD299B3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90674B8F-C4BD-46AF-A86D-A01531074FB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBDA1A8F-6AAF-4D09-9DB4-FACAB918963C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoc0401_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65A1F43B-743A-4A07-B19B-F491F49D33FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43E39399-BE26-49DA-9522-3CB57DEACD63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:171ccc96020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8443AF5-8506-4FC1-9E12-2A6318ED2F71",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:171ccc96020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50072285-A60B-4B9E-9DFB-947F1127AFE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:171ccc96020c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DD28B94-DCC4-4B83-A8FC-81972B53604A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:171ccc96020c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2667F240-1C4C-4CFC-8FEC-439DE95E767A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:171ccc96030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "310FF842-7A29-4F52-B12C-BDFBD962277B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:171ccc96030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCD6A99A-9363-40BA-891B-D70B62163231",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:171ccc96030c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFDDA9E0-EBF0-4E5E-816A-98FDAEE4EFF1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:171ccc96030c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0F3B51A-7B7C-401A-B0F3-D38EFB084B27",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:171ccc98020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF455A4F-7F2C-4AD3-A1F4-AE7AEC978460",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:171ccc98020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "762C9502-8164-435F-8EC8-BDD9600B3BF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:171ccc98030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7663D7C-68BD-42E8-B69D-26F3B56AD333",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:171ccc98030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8032C8C-575C-488B-8B14-347DF11BA2CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoc0401_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "65A1F43B-743A-4A07-B19B-F491F49D33FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "43E39399-BE26-49DA-9522-3CB57DEACD63",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmxnoc0402_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FC6A7F3-D93C-44F2-B949-4AE070D89FC3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmxnoc0402:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C3A3232-1FCA-48E8-BAD8-E90D98F6D140",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CCF6254-7166-430C-B969-96EB54C81330",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE2953A1-873B-4784-8353-6CD92FD2A558",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnoe0110h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DF9AB98-F2A7-4A74-9850-9B2C6F8CD17D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnoe0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F2DDD4B-074E-4D36-8813-9B982D5C08BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2D556F4-B7B8-4F75-973A-3192F880DA09",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C597244C-325F-4F6F-84B4-193CD299B3EF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90674B8F-C4BD-46AF-A86D-A01531074FB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBDA1A8F-6AAF-4D09-9DB4-FACAB918963C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxetc100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A29F8D41-171E-41BE-B294-0F2317125445",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxetc100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC740EFF-A38E-4CFA-BF98-16C6C5CE4615",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573623mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FE52740-710B-4584-A600-5B45E9A90076",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573623mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63796B37-8350-49DC-8F14-9E212830C86C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety110ws_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "92DCF9C9-8F9A-414C-AAB9-69F5459F0719",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety110ws:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA58DCD9-D224-4B25-82CC-2D4716762490",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety110wsc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "73C3399E-2B28-4CF8-9356-C871ABD689C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety110wsc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2D63BE6-86E4-4FF7-99DF-C76BB7FFFB7B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574823am_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C772ACA-2B12-41C5-A805-58F5A1B1EE0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574823am:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AAB0C0E-F4AF-4C20-A301-82A03994C86A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A27D7568-6D5A-4AA5-8D4E-800B15BE1B6C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574823m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "952314A3-D111-4AC5-B74B-FC849AE21E9B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574823m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9D0A998-2761-4C05-8204-F1D09C343B82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8CC496A-B2DD-4082-AB1E-7BB9D2BAAC52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91FC8450-FAF2-4EDD-B7B6-AED6FFE948A6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574823mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BA42DDC-868B-4500-AB87-0BAB78AC3961",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574823mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F78AFA7-60DD-41CA-AB5B-4DA77473CECF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1CFF2F6-DA65-4072-A56B-163C98890D3D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48FC153-8134-4B96-BD97-90C9C4C7753B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28483125-5A43-445E-B10B-495DA19AD762",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxetz410_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "240A96ED-D4EE-4ACE-A17C-55668AD24AFF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxetz410:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E11C7B04-CF7E-47DC-9947-36FCD208B318",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxwmy100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BDBCF5C2-A6F9-4241-938E-8A730A8EF11A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxwmy100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "37743EAD-3445-4DC1-82C7-DCA96A530A51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxetz510_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28D59F34-0098-4550-A4DC-5F98A2B67BB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxetz510:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC4DF7D9-B51E-4B13-9104-DF16C8639979",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxwmy100c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "14CE2CFA-4D4C-4796-8742-C056135ED6E5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxwmy100c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "35E7DBFC-AE46-4608-87E3-08B2AE813BD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxntp100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "194F5A53-8062-465C-AABA-1BF7483EA716",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxntp100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "66AD7713-73F8-4271-8406-252DC80509DC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAC53A2-F2DA-41C5-9699-EC421B3143E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B7568D-8C01-4268-BAB6-A4849BFD3FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC7B128-2CCC-46BA-B3EC-BF4AD8A788C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in SchneiderWEB on Schneider Electric Modicon PLC Ethernet modules 140CPU65x Exec before 5.5, 140NOC78x Exec before 1.62, 140NOE77x Exec before 6.2, BMXNOC0401 before 2.05, BMXNOE0100 before 2.9, BMXNOE0110x Exec before 6.0, TSXETC101 Exec before 2.04, TSXETY4103x Exec before 5.7, TSXETY5103x Exec before 5.9, TSXP57x ETYPort Exec before 5.7, and TSXP57x Ethernet Copro Exec before 5.5 allows remote attackers to visit arbitrary resources via a crafted HTTP request."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en SchneiderWEB en los m\u00f3dulos Schneider Electric Modicon PLC Ethernet 140CPU65x Exec anterior a 5.5, 140NOC78x Exec anterior a 1.62, 140NOE77x Exec anterior a 6.2, BMXNOC0401 anterior a 2.05, BMXNOE0100 anterior a 2.9, BMXNOE0110x Exec anterior a 6.0, TSXETC101 Exec anterior a 2.04, TSXETY4103x Exec anterior a 5.7, TSXETY5103x Exec anterior a 5.9, TSXP57x ETYPort Exec anterior a 5.7, y TSXP57x Ethernet Copro Exec anterior a 5.5 permite a atacantes remotos visitar recursos arbitrarios a trav\u00e9s de una solicitud HTTP manipulada."
    }
  ],
  "id": "CVE-2014-0754",
  "lastModified": "2024-11-21T02:02:44.980",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-10-03T18:55:06.017",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01\u0026p_EnDocType=Software%20-%20Updates\u0026p_File_Id=608959359\u0026p_File_Name=SEVD-2014-260-01.pdf"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70193"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://download.schneider-electric.com/files?p_Reference=SEVD-2014-260-01\u0026p_EnDocType=Software%20-%20Updates\u0026p_File_Id=608959359\u0026p_File_Name=SEVD-2014-260-01.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/70193"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-14-273-01"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-18 20:29
Modified
2024-11-21 04:12
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.
References
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric bmxnor0200_firmware -
schneider-electric bmxnor0200 -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric 140cpu65150_firmware -
schneider-electric 140cpu65150 -
schneider-electric 140cpu31110_firmware -
schneider-electric 140cpu31110 -
schneider-electric 140cpu43412u_firmware -
schneider-electric 140cpu43412u -
schneider-electric 140cpu65160_firmware -
schneider-electric 140cpu65160 -
schneider-electric 140cpu65260_firmware -
schneider-electric 140cpu65260 -
schneider-electric 140cpu65860_firmware -
schneider-electric 140cpu65860 -
schneider-electric 140cpu65160s_firmware -
schneider-electric 140cpu65160s -
schneider-electric 140cpu65150c_firmware -
schneider-electric 140cpu65150c -
schneider-electric 140cpu31110c_firmware -
schneider-electric 140cpu31110c -
schneider-electric 140cpu43412uc_firmware -
schneider-electric 140cpu43412uc -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65260c_firmware -
schneider-electric 140cpu65260c -
schneider-electric 140cpu65860c_firmware -
schneider-electric 140cpu65860c -
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp341000h_firmware -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744m_firmware -
schneider-electric tsxh5744m -
schneider-electric tsxp57104m_firmware -
schneider-electric tsxp57104m -
schneider-electric tsxp57154m_firmware -
schneider-electric tsxp57154m -
schneider-electric tsxp571634m_firmware -
schneider-electric tsxp571634m -
schneider-electric tsxp57204m_firmware -
schneider-electric tsxp57204m -
schneider-electric tsxp57254m_firmware -
schneider-electric tsxp57254m -
schneider-electric tsxp572634m_firmware -
schneider-electric tsxp572634m -
schneider-electric tsxp57304m_firmware -
schneider-electric tsxp57304m -
schneider-electric tsxp57354m_firmware -
schneider-electric tsxp57354m -
schneider-electric tsxp573634m_firmware -
schneider-electric tsxp573634m -
schneider-electric tsxp57454m_firmware -
schneider-electric tsxp57454m -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxh5724mc_firmware -
schneider-electric tsxh5724mc -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57104mc_firmware -
schneider-electric tsxp57104mc -
schneider-electric tsxp57154mc_firmware -
schneider-electric tsxp57154mc -
schneider-electric tsxp571634mc_firmware -
schneider-electric tsxp571634mc -
schneider-electric tsxp57204mc_firmware -
schneider-electric tsxp57204mc -
schneider-electric tsxp57254mc_firmware -
schneider-electric tsxp57254mc -
schneider-electric tsxp572634mc_firmware -
schneider-electric tsxp572634mc -
schneider-electric tsxp57304mc_firmware -
schneider-electric tsxp57304mc -
schneider-electric tsxp57354mc_firmware -
schneider-electric tsxp57354mc -
schneider-electric tsxp573634mc_firmware -
schneider-electric tsxp573634mc -
schneider-electric tsxp57454mc_firmware -
schneider-electric tsxp57454mc -
schneider-electric tsxp574634mc_firmware -
schneider-electric tsxp574634mc -
schneider-electric tsxp57554mc_firmware -
schneider-electric tsxp57554mc -
schneider-electric tsxp575634mc_firmware -
schneider-electric tsxp575634mc -
schneider-electric tsxp576634mc_firmware -
schneider-electric tsxp576634mc -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57554m_firmware -
schneider-electric tsxp57554m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA48015-57C1-4371-8B9D-FFDEE461D227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF43229-1E2E-493A-B44F-DD2870559A93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7003BE27-3D26-46F9-BF51-5E026EA2AED6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37B3D0A-D1AA-494F-B26B-70BA8D1E8D6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F363F812-4BF2-450C-BC40-48A136746B9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B36E6DC-D407-4A3B-9ED3-1683EEE83299",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C8629-A8CF-4B8E-AB03-0425C30A40C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E092BBB-F315-4541-B8B2-BF9E1B75B041",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F2BE6-CF9E-48BB-B525-6B8F4C0B203E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECDF56E-7F6B-4048-AAAA-0D80C685F6D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "616C2139-6063-4BB1-84C0-AECDBB9EC86C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA5A94A-09A0-4606-8DAE-0CDE1A372483",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A2EB59-CCEE-4123-8344-764959B32C3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE31953-8AEA-45AB-81A1-BCE9AC78A48D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B887DA-75CD-465C-8B02-4DF1A063F3B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F9986A-4089-429E-BFD7-131C3BE98B9E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AC4E35-E020-4E54-B1F7-01F4A9D9DEC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE1F4A9-D2EA-4A5B-8F9A-EFD961D4F49D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "106C756F-1A0D-486F-BA83-F1F6D9D5661E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1472068B-ECE2-46F4-AC91-43F5AFCA8C52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E33E1CF-BD62-4638-AD44-30A19063FCD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0A5B21-421E-4E89-A408-D9B1639D0902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DE4493-EC66-4A65-ACF1-085FEE3E350B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6520258-C8F2-48B3-AB65-281F46ECC6D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3D6BEFC-72CD-44D8-957A-EC09429C5B01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DEC794-B68A-40DC-8F84-00CBEB8864DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BC8D38-1297-43F7-864F-693979F17BB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAC53A2-F2DA-41C5-9699-EC421B3143E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F1346D-8D14-498D-A692-C1A5A0EF9378",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3202C35B-3356-43FA-84C1-A2444665EA56",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6C1584-7ABD-427B-8321-1F5C8D3948A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B7568D-8C01-4268-BAB6-A4849BFD3FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62618355-F206-4112-95D0-4555377AB20F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "786D8BB6-FD4D-41FB-BECB-8E4A70DA2BB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE46047-D9AF-4720-A130-A0F989423F82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC7B128-2CCC-46BA-B3EC-BF4AD8A788C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14B9070-7919-40FE-AE5E-C56F88D87000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C65BC1-802C-4877-81C7-247D23CC5A9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09680CF4-5A88-4DEB-BD05-44BA24685098",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B26315A-DA7B-48DC-93D2-ED292095CDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D605BE-1CB9-4954-BF09-BA666E722BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6F4125-6D52-4788-B5BA-C4022C8079C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5030BD7-A01B-4069-800B-0A91F55D14E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00916712-0D0F-41FF-A977-95F98637FA27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "560A0D6E-6A0C-46E6-9216-C3369594B2FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F3A2B5D-BEE1-4504-8196-B29EB0CC5A9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D1C05A-AD02-43F1-B508-DC0ED0F269EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "403ABCAE-2F5F-4E3B-9DDF-2E8E554CC9B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "588F84BE-C0F5-4271-BE93-7EB721885390",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42C42113-3B11-4F71-8509-07758903AFEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E32B09-3874-4198-BA17-332811B313CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D4613F-7210-411C-B4D7-BC4EF5629686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D70CDDC-9CE8-4766-8251-B87C1BE5F693",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B5326F-97AF-45EC-8F47-A449718A6A0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60FE0FD-2283-460D-98D6-7FDAF370F951",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "612F0F44-8611-4F22-88E2-E085094418B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CBF69B-2CB1-4FD7-8004-BA76E1DD832C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF4C1F-1883-40F2-B966-0A282B26C503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5647F4AB-8D54-42F9-BFF3-5AA22D07E694",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93134D1F-3F9C-42CC-B050-2FE4A41ECEA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0A6EF5-9A76-4985-9411-44184BA51303",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBE84C1-A5B1-4E8B-9CE1-D3243D7FD228",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3B77B6-AAF8-456C-8B04-3623EB0E968E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88E0D7A-31DE-42E2-931A-E428B4515B2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD43A71-5615-4A3D-8AB9-F714827ADEE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD593582-806E-4C6D-B07A-CB31161AEFA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "827D5E75-1491-4485-B22B-E81AC90B923C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DE3518-2898-4D71-80ED-8C73FFE9E436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability exists in the HTTP request parser in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad en Modicon M340, Modicon Premium, Modicon Quantum PLC y BMXNOR0200, de Schneider Electric, que podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2018-7761",
  "lastModified": "2024-11-21T04:12:41.250",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-18T20:29:00.793",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-05-22 20:29
Modified
2024-11-21 04:47
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium.
References
cybersecurity@se.comhttp://www.securityfocus.com/bid/109004Broken Link
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/109004Broken Link
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m580_firmware *
schneider-electric bmeh582040 -
schneider-electric bmeh582040c -
schneider-electric bmeh584040 -
schneider-electric bmeh584040c -
schneider-electric bmeh586040 -
schneider-electric bmeh586040c -
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_quantum_firmware *
schneider-electric modicon_quantum -
schneider-electric modicon_premium_firmware *
schneider-electric modicon_premium -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "606AFE88-8C9A-4D18-9209-1193B628669F",
              "versionEndExcluding": "3.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FDEB227-D50B-402C-9C11-E29F52BC10BB",
              "versionEndExcluding": "2.80",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E6E5E62-BBA8-4370-A232-8E1196757C3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C393EAE-D2A1-42BC-8CE8-2DCAC96EB769",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8BF9D-AFD1-4F19-A0DB-5EB6F343D890",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D48211-A734-4F98-A4D5-569268335757",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D22DD5-677B-42E8-AE1F-11601D4BF110",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79907FE7-B4B0-4732-9287-B7ED13115F6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "745CC7A7-70FB-4551-8EBF-600B7A6236D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9B7CEF7-B9BA-4923-808F-DA2931569EBB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "619CFD8D-9652-4AAB-AFC4-796B3F10F61F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F00936E2-E6EF-4ABF-8666-7D83BE424F42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists which could cause a possible Denial of Service when specific Modbus frames are sent to the controller in the products: Modicon M340 - firmware versions prior to V3.01, Modicon M580 - firmware versions prior to V2.80, All firmware versions of Modicon Quantum and Modicon Premium."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Existe una vulnerabilidad de Comprobaci\u00f3n Inapropiada  para condiciones inusuales o excepcionales, que podr\u00eda generar una posible Denegaci\u00f3n de Servicio cuando se env\u00edan tramas Modbus espec\u00edficas hacia el controlador en los productos: Modicon M340 - versiones de firmware anteriores a la V3.01, Modicon M580 - versiones de firmware anteriores a V2.80, y todas las versiones de firmware de Modicon Quantum y Modicon Premium."
    }
  ],
  "id": "CVE-2019-6819",
  "lastModified": "2024-11-21T04:47:12.980",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-22T20:29:02.090",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/109004"
    },
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.securityfocus.com/bid/109004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-05/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-05-22 20:29
Modified
2024-11-21 04:12
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability.
References
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric m580_firmware *
schneider-electric bmeh582040 -
schneider-electric bmeh582040c -
schneider-electric bmeh584040 -
schneider-electric bmeh584040c -
schneider-electric bmeh586040 -
schneider-electric bmeh586040c -
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c -
schneider-electric m340_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric bmx\/e_cra_firmware *
schneider-electric bmxcra31200 -
schneider-electric bmxcra31210c -
schneider-electric modicon_premium_firmware *
schneider-electric modicon_premium -
schneider-electric 140cra312xxx_firmware *
schneider-electric 140cra312xxx -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:m580_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B538C424-0F99-4D98-AB1F-CFE9D07DA37B",
              "versionEndExcluding": "2.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E6E5E62-BBA8-4370-A232-8E1196757C3E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C393EAE-D2A1-42BC-8CE8-2DCAC96EB769",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2A8BF9D-AFD1-4F19-A0DB-5EB6F343D890",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "63D48211-A734-4F98-A4D5-569268335757",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D22DD5-677B-42E8-AE1F-11601D4BF110",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "79907FE7-B4B0-4732-9287-B7ED13115F6C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:m340_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8ED6BE5-14D0-4B3C-B00D-5274D9233247",
              "versionEndExcluding": "3.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmx\\/e_cra_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB34942D-0DBD-43CB-847A-C5349EB9A92A",
              "versionEndExcluding": "2.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxcra31200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "887930A9-2577-4E69-AB81-0C8582A13F34",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxcra31210c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "46150F0B-D3A6-44C4-94A1-448D1B4294EB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "619CFD8D-9652-4AAB-AFC4-796B3F10F61F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F00936E2-E6EF-4ABF-8666-7D83BE424F42",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cra312xxx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCE700BF-EEFD-4349-9B33-432281EA23BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cra312xxx:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CC7AABD-9260-4F6C-A6C9-AE738263F90A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "CWE-119: Buffer errors vulnerability exists in Modicon M580 with firmware prior to V2.50, Modicon M340 with firmware prior to V3.01, BMxCRA312xx with firmware prior to V2.40, All firmware versions of Modicon Premium and 140CRA312xxx when sending a specially crafted Modbus packet, which could cause a denial of service to the device that would force a restart to restore availability."
    },
    {
      "lang": "es",
      "value": "CWE-119: Existe una vulnerabilidad de errores de b\u00fafer en Modicon M580 con firmware anterior a V2.50, Modicon M340 con firmware anterior a V3.01, BMxCRA312xx con firmware anterior a V2.40 y todas las versiones de firmware de Modicon Premium y 140CRA312xxx al enviar un paquete Modbus especialmente creado, que podr\u00eda generar una Denegaci\u00f3n de Servicio al dispositivo que forzar\u00eda un reinicio para restaurar la disponibilidad."
    }
  ],
  "id": "CVE-2018-7851",
  "lastModified": "2024-11-21T04:12:52.710",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-22T20:29:01.853",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2019-134-10/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-02 17:15
Modified
2024-11-21 05:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06Not Applicable
nvd@nist.govhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06Not Applicable
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_mc80_bmkc8020301 -
schneider-electric modicon_mc80_bmkc8020310 -
schneider-electric modicon_mc80_bmkc8030311 -
schneider-electric modicon_momentum_171cbu78090 -
schneider-electric modicon_momentum_171cbu98090 -
schneider-electric modicon_momentum_171cbu98091 -
schneider-electric modicon_premium_tsxp57_1634m -
schneider-electric modicon_premium_tsxp57_2634m -
schneider-electric modicon_premium_tsxp57_2834m -
schneider-electric modicon_premium_tsxp57_454m -
schneider-electric modicon_premium_tsxp57_4634m -
schneider-electric modicon_premium_tsxp57_554m -
schneider-electric modicon_premium_tsxp57_5634m -
schneider-electric modicon_premium_tsxp57_6634m -
schneider-electric modicon_quantum_140cpu65150 -
schneider-electric modicon_quantum_140cpu65150c -
schneider-electric modicon_quantum_140cpu65160 -
schneider-electric modicon_quantum_140cpu65160c -
schneider-electric plc_simulator_for_ecostruxure_control_expert -
schneider-electric plc_simulator_for_ecostruxure_process_expert -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "Una CWE-787: Una vulnerabilidad de Escritura Fuera de L\u00edmites que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* y BMEH*, todas las versiones), Modicon M340 CPU (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), Modicon Momentum Ethernet CPU (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator para EcoStruxure\u00aa Control Expert, incluidas todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator para EcoStruxure\u00aa Process Expert, incluidas todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22791",
  "lastModified": "2024-11-21T05:50:40.647",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.290",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2017-06-30 03:29
Modified
2024-11-21 03:28
Severity ?
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover.
References
ics-cert@hq.dhs.govhttp://www.securityfocus.com/bid/96414Third Party Advisory, VDB Entry
ics-cert@hq.dhs.govhttps://ics-cert.us-cert.gov/advisories/ICSA-17-054-03Mitigation, Third Party Advisory, US Government Resource
ics-cert@hq.dhs.govhttps://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/96414Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03Mitigation, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/
Impacted products
Vendor Product Version
schneider-electric bmxnoc0401_firmware 2.8
schneider-electric bmxnoc0401 -
schneider-electric bmxnoe0100_firmware 2.8
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware 2.8
schneider-electric bmxnoe0110 -
schneider-electric bmxnoe0110h_firmware 2.8
schneider-electric bmxnoe0110h -
schneider-electric bmxnor0200h_firmware 2.8
schneider-electric bmxnor0200h -
schneider-electric modicon_m340_bmxp341000_firmware 2.8
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware 2.8
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware 2.8
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware 2.8
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware 2.8
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware 2.8
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware 2.8
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware 2.8
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware 2.8
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware 2.8
schneider-electric modicon_m340_bmxp342030h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "389C7D02-534F-4FA3-AB3C-B3F39A71900E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BDF7041-ED14-44E4-A6E2-868E2432A2EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "022727EE-C23D-415F-8F61-29C068C0372E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110h_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5155A17-6C21-43DF-BB7F-B4CACAC25826",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E47DB14-EF4B-4E4E-9DA2-B3F6EFA72BF4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0509170-2D6C-4864-841D-30E74A1F4731",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "146C7F94-4838-4C53-BB73-7E7F05EAE7D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "393BF977-E478-4396-B9E6-A760C56048BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D13E4CD0-11DB-4987-A30D-C4D635E35BD2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE26AA5C-40EC-4753-B98C-B6D998630D97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC7F40A9-1D33-4ECD-BB3E-A34E8702348E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E8A1950-48B2-4F0F-BC59-5BE851510B26",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E2C68F9-36D3-4509-B33C-5AA2836FF4BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "97B3AFA3-A58C-45DE-93C7-5D015F6A3464",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DEEDCA0-FF8D-4CED-9799-932168043661",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2425E29E-39F0-41FC-8C64-77547F6D6790",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Resource Exhaustion issue was discovered in Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H. A remote attacker could send a specially crafted set of packets to the PLC causing it to freeze, requiring the operator to physically press the reset button on the PLC in order to recover."
    },
    {
      "lang": "es",
      "value": "Se ha descubierto un problema de agotamiento de recursos en Schneider Electric Modicon M340 PLC BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP341000, BMXP342000, BMXP3420102, BMXP3420102CL, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H y BMXP342030H. Un atacante remoto podr\u00eda enviar un conjunto de paquetes manipulados al PLC para congelarlo, lo que requerir\u00eda que el operador presionase f\u00edsicamente el bot\u00f3n reset en el PLC para recuperarlo."
    }
  ],
  "id": "CVE-2017-6017",
  "lastModified": "2024-11-21T03:28:54.620",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-30T03:29:00.233",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96414"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/96414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-17-054-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2017-048-02/"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-03/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-03/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140noc78100_firmware *
schneider-electric 140noc78100 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BCDF059-40BF-4A32-9932-A7A744E6F295",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E001828-1A7D-4C8B-95FC-046652D3EF07",
              "versionEndExcluding": "6.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "887976CC-8244-4D86-9941-BA82BC1AB6C2",
              "versionEndExcluding": "2.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D112F4-50CB-4EFE-B0EA-43A732A22283",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDD6B6C-FF2A-4960-AFD6-9DF4B4F7FD5E",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB6318A-9AEF-4C9D-9678-05208026AC8A",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C280EA-9C52-47A9-AA1E-B0AA9C1F67F2",
              "versionEndExcluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C093ECB-B977-4346-9E0E-DC30DD762055",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F419FC54-72D9-488F-9B0F-C12CEA213089",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4570480E-3787-4263-AB51-8AD0B62969CB",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD74F63-7BA1-498F-977F-FCA90B5968AA",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1067FDEA-33BC-4AA9-AC5B-099BA757065B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD80E512-2D78-4375-8DBB-D12E5F0AF484",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA8F733-513D-458A-A1ED-849A3DE8F5FD",
              "versionEndExcluding": "1.08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-425: Direct Request (\u0027Forced Browsing\u0027) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP."
    },
    {
      "lang": "es",
      "value": "Una CWE-425: Se presenta una vulnerabilidad Petici\u00f3n Directa (\"Forced Browsing\") en el Servidor Web en Modicon M340, Legacy Offers Modicon Quantum y Modicon Premium y M\u00f3dulos de Comunicaci\u00f3n asociados (consulte la notificaci\u00f3n de seguridad para las versiones afectadas), que podr\u00eda causar una divulgaci\u00f3n de datos confidenciales cuando se env\u00eda una petici\u00f3n especialmente dise\u00f1ada hacia el controlador a trav\u00e9s de HTTP"
    }
  ],
  "id": "CVE-2020-7541",
  "lastModified": "2024-11-21T05:37:20.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.457",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-03/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-425"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-02-11 18:15
Modified
2024-11-21 05:50
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02Patch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric bmxnor0200h_rtu_firmware *
schneider-electric bmxnor0200h_rtu -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140noe771x1_firmware *
schneider-electric 140noe771x1 -
schneider-electric 140noc78x00_firmware *
schneider-electric 140noc78x00 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "866BFE7D-D688-40B1-B6E9-B140529001C3",
              "versionEndExcluding": "3.40",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E00817A-E140-418F-93AB-A9B516F090A7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F33A35-37ED-41AD-94A2-34FEA8E7259B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF0DA3B-F89B-487D-AAE6-AEA88E28055A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_rtu_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9318D16-AA6D-4DE4-B812-D995B291E802",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h_rtu:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D792EDB-A93E-495B-AF0A-486C9AC6BACA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C32BDE35-7AC6-44C3-8135-BAA128B44559",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CAEBC02-9BA6-4D36-AC3D-E1CE531F918E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "23918D88-851B-480E-972E-EB48CAFA7AF4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8048EA69-8FC8-4415-BA20-D2813F8BD83D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe771x1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1468EBB2-8AD8-4886-B4A9-13D1F34EFD8B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe771x1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6EFD78F-DB37-4407-A91C-9D01FA9CAF2F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78x00_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E80811-AE57-4B01-B3D5-4B346A9F3D8F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78x00:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F4A72EA-E15A-4C31-B0F3-6B9EB48A09B2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10B16121-8DC3-4EA1-AC7B-D611A1C3C9A4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "066E3E6C-8A0E-4360-A4ED-32A84B7647FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B418F6-DCED-40B9-8B35-DC50FD8EF6FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-787: Out-of-bounds Write vulnerability exists that could cause denial of service when an attacker sends a specially crafted HTTP request to the web server of the device. Affected Product: Modicon M340 CPUs: BMXP34 (Versions prior to V3.40), Modicon M340 X80 Ethernet Communication Modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (All Versions), Modicon Premium Processors with integrated Ethernet (Copro): TSXP574634, TSXP575634, TSXP576634 (All Versions), Modicon Quantum Processors with Integrated Ethernet (Copro): 140CPU65xxxxx (All Versions), Modicon Quantum Communication Modules: 140NOE771x1, 140NOC78x00, 140NOC77101 (All Versions), Modicon Premium Communication Modules: TSXETY4103, TSXETY5103 (All Versions)"
    },
    {
      "lang": "es",
      "value": "Una CWE-787: Se presenta una vulnerabilidad de Escritura Fuera de L\u00edmites que podr\u00eda causar una denegaci\u00f3n de servicio cuando un atacante env\u00eda una petici\u00f3n HTTP especialmente dise\u00f1ada al servidor web del dispositivo. Producto afectado: CPUs Modicon M340: BMXP34 (Versiones anteriores a V3.40), M\u00f3dulos de Comunicaci\u00f3n Ethernet Modicon M340 X80: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOC0401, BMXNOR0200H RTU (Todas las versiones), Procesadores Modicon Premium con Ethernet integrada (Copro): TSXP574634, TSXP575634, TSXP576634 (Todas las versiones), Procesadores Modicon Quantum con Ethernet integrado (Copro): 140CPU65xxxxx (Todas las versiones), M\u00f3dulos de comunicaci\u00f3n Modicon Quantum: 140NOE771x1, 140NOC78x00, 140NOC77101 (Todas las versiones), M\u00f3dulos de comunicaci\u00f3n Modicon Premium: TSXETY4103, TSXETY5103 (todas las versiones)"
    }
  ],
  "id": "CVE-2021-22788",
  "lastModified": "2024-11-21T05:50:40.227",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-02-11T18:15:09.057",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-257-02"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2018-04-18 20:29
Modified
2024-11-21 04:12
Severity ?
9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization.
References
cybersecurity@se.comhttps://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric bmxnor0200_firmware -
schneider-electric bmxnor0200 -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric 140cpu65150_firmware -
schneider-electric 140cpu65150 -
schneider-electric 140cpu31110_firmware -
schneider-electric 140cpu31110 -
schneider-electric 140cpu43412u_firmware -
schneider-electric 140cpu43412u -
schneider-electric 140cpu65160_firmware -
schneider-electric 140cpu65160 -
schneider-electric 140cpu65260_firmware -
schneider-electric 140cpu65260 -
schneider-electric 140cpu65860_firmware -
schneider-electric 140cpu65860 -
schneider-electric 140cpu65160s_firmware -
schneider-electric 140cpu65160s -
schneider-electric 140cpu65150c_firmware -
schneider-electric 140cpu65150c -
schneider-electric 140cpu31110c_firmware -
schneider-electric 140cpu31110c -
schneider-electric 140cpu43412uc_firmware -
schneider-electric 140cpu43412uc -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65160c_firmware -
schneider-electric 140cpu65160c -
schneider-electric 140cpu65260c_firmware -
schneider-electric 140cpu65260c -
schneider-electric 140cpu65860c_firmware -
schneider-electric 140cpu65860c -
schneider-electric modicon_m340_bmxp341000_firmware -
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware -
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware -
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware -
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware -
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp341000h_firmware -
schneider-electric modicon_m340_bmxp341000h -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744m_firmware -
schneider-electric tsxh5744m -
schneider-electric tsxp57104m_firmware -
schneider-electric tsxp57104m -
schneider-electric tsxp57154m_firmware -
schneider-electric tsxp57154m -
schneider-electric tsxp571634m_firmware -
schneider-electric tsxp571634m -
schneider-electric tsxp57204m_firmware -
schneider-electric tsxp57204m -
schneider-electric tsxp57254m_firmware -
schneider-electric tsxp57254m -
schneider-electric tsxp572634m_firmware -
schneider-electric tsxp572634m -
schneider-electric tsxp57304m_firmware -
schneider-electric tsxp57304m -
schneider-electric tsxp57354m_firmware -
schneider-electric tsxp57354m -
schneider-electric tsxp573634m_firmware -
schneider-electric tsxp573634m -
schneider-electric tsxp57454m_firmware -
schneider-electric tsxp57454m -
schneider-electric tsxp574634m_firmware -
schneider-electric tsxp574634m -
schneider-electric tsxp575634m_firmware -
schneider-electric tsxp575634m -
schneider-electric tsxp576634m_firmware -
schneider-electric tsxp576634m -
schneider-electric tsxh5724mc_firmware -
schneider-electric tsxh5724mc -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57104mc_firmware -
schneider-electric tsxp57104mc -
schneider-electric tsxp57154mc_firmware -
schneider-electric tsxp57154mc -
schneider-electric tsxp571634mc_firmware -
schneider-electric tsxp571634mc -
schneider-electric tsxp57204mc_firmware -
schneider-electric tsxp57204mc -
schneider-electric tsxp57254mc_firmware -
schneider-electric tsxp57254mc -
schneider-electric tsxp572634mc_firmware -
schneider-electric tsxp572634mc -
schneider-electric tsxp57304mc_firmware -
schneider-electric tsxp57304mc -
schneider-electric tsxp57354mc_firmware -
schneider-electric tsxp57354mc -
schneider-electric tsxp573634mc_firmware -
schneider-electric tsxp573634mc -
schneider-electric tsxp57454mc_firmware -
schneider-electric tsxp57454mc -
schneider-electric tsxp574634mc_firmware -
schneider-electric tsxp574634mc -
schneider-electric tsxp57554mc_firmware -
schneider-electric tsxp57554mc -
schneider-electric tsxp575634mc_firmware -
schneider-electric tsxp575634mc -
schneider-electric tsxp576634mc_firmware -
schneider-electric tsxp576634mc -
schneider-electric tsxh5724m_firmware -
schneider-electric tsxh5724m -
schneider-electric tsxh5744mc_firmware -
schneider-electric tsxh5744mc -
schneider-electric tsxp57554m_firmware -
schneider-electric tsxp57554m -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA48015-57C1-4371-8B9D-FFDEE461D227",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABF43229-1E2E-493A-B44F-DD2870559A93",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7003BE27-3D26-46F9-BF51-5E026EA2AED6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A37B3D0A-D1AA-494F-B26B-70BA8D1E8D6F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F363F812-4BF2-450C-BC40-48A136746B9E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412u_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B36E6DC-D407-4A3B-9ED3-1683EEE83299",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B87C8629-A8CF-4B8E-AB03-0425C30A40C3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E092BBB-F315-4541-B8B2-BF9E1B75B041",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D5F2BE6-CF9E-48BB-B525-6B8F4C0B203E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7304B0-EE18-454B-B3F0-5EF387285D90",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FECDF56E-7F6B-4048-AAAA-0D80C685F6D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8230FD-0C0A-467C-9BAD-09257739D462",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "616C2139-6063-4BB1-84C0-AECDBB9EC86C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "95E48F27-F241-4491-AFF7-8BD562F21A52",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA5A94A-09A0-4606-8DAE-0CDE1A372483",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "51A2EB59-CCEE-4123-8344-764959B32C3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu31110c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEE31953-8AEA-45AB-81A1-BCE9AC78A48D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu31110c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "33B887DA-75CD-465C-8B02-4DF1A063F3B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu43412uc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F9986A-4089-429E-BFD7-131C3BE98B9E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu43412uc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38AC4E35-E020-4E54-B1F7-01F4A9D9DEC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A75F5C8-3341-4C4A-8660-F002AD07702F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9B6A4-BAA6-4982-A27B-2B9D5F0E7178",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65260c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BE1F4A9-D2EA-4A5B-8F9A-EFD961D4F49D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65260c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "106C756F-1A0D-486F-BA83-F1F6D9D5661E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65860c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1472068B-ECE2-46F4-AC91-43F5AFCA8C52",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65860c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E33E1CF-BD62-4638-AD44-30A19063FCD5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC0A5B21-421E-4E89-A408-D9B1639D0902",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "55DE4493-EC66-4A65-ACF1-085FEE3E350B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6520258-C8F2-48B3-AB65-281F46ECC6D7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A3D6BEFC-72CD-44D8-957A-EC09429C5B01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8B57B894-5AA4-4412-B425-7338CB2FFA3C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9DEC794-B68A-40DC-8F84-00CBEB8864DE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "587226C6-6BE2-4A42-B593-34498F647B24",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "70BC8D38-1297-43F7-864F-693979F17BB4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC8F0AB-C4A8-40B3-88E0-92F52EA05692",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BAC53A2-F2DA-41C5-9699-EC421B3143E1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31A5DCC8-9E3D-4919-9DE3-73FC8733E73D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F1346D-8D14-498D-A692-C1A5A0EF9378",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3202C35B-3356-43FA-84C1-A2444665EA56",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B6C1584-7ABD-427B-8321-1F5C8D3948A2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57B75D71-11CA-4DDF-849A-08A9D84C95AC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9B7568D-8C01-4268-BAB6-A4849BFD3FA4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA2094F4-976F-44FA-A7E5-93E20A80DA00",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62618355-F206-4112-95D0-4555377AB20F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5FDBAB3-C8C2-47F6-ACAA-B89BA53849B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "786D8BB6-FD4D-41FB-BECB-8E4A70DA2BB1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAE46047-D9AF-4720-A130-A0F989423F82",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FC7B128-2CCC-46BA-B3EC-BF4AD8A788C3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80500883-2825-46DD-8ED9-4F324A4494CC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C14B9070-7919-40FE-AE5E-C56F88D87000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC537593-1AB7-438E-AB71-EDB469A1DFF7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D634770-DB1F-43EF-AD2C-9351BD92D3BC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE60505D-0211-4E8C-B32C-988E25698B1E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E490099-5E81-464C-9790-7A1DCF112A5F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "57BF89C2-27F8-4FF5-9E4F-4F0CB6C2F0E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6E5F731-F702-4F83-AE10-E3C3009625D6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71146321-B31B-4C5B-A600-2E414D84916E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60C65BC1-802C-4877-81C7-247D23CC5A9D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "09680CF4-5A88-4DEB-BD05-44BA24685098",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57104mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B26315A-DA7B-48DC-93D2-ED292095CDB5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57104mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "13D605BE-1CB9-4954-BF09-BA666E722BC7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57154mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6F4125-6D52-4788-B5BA-C4022C8079C5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57154mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5030BD7-A01B-4069-800B-0A91F55D14E4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp571634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00916712-0D0F-41FF-A977-95F98637FA27",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp571634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "560A0D6E-6A0C-46E6-9216-C3369594B2FC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57204mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F3A2B5D-BEE1-4504-8196-B29EB0CC5A9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57204mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "12D1C05A-AD02-43F1-B508-DC0ED0F269EC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57254mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "403ABCAE-2F5F-4E3B-9DDF-2E8E554CC9B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57254mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "588F84BE-C0F5-4271-BE93-7EB721885390",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp572634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "42C42113-3B11-4F71-8509-07758903AFEF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp572634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91E32B09-3874-4198-BA17-332811B313CE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57304mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27D4613F-7210-411C-B4D7-BC4EF5629686",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57304mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D70CDDC-9CE8-4766-8251-B87C1BE5F693",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57354mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B5326F-97AF-45EC-8F47-A449718A6A0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57354mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F60FE0FD-2283-460D-98D6-7FDAF370F951",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp573634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "612F0F44-8611-4F22-88E2-E085094418B3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp573634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77CBF69B-2CB1-4FD7-8004-BA76E1DD832C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57454mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8FF4C1F-1883-40F2-B966-0A282B26C503",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57454mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5647F4AB-8D54-42F9-BFF3-5AA22D07E694",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "93134D1F-3F9C-42CC-B050-2FE4A41ECEA5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AE0A6EF5-9A76-4985-9411-44184BA51303",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CBE84C1-A5B1-4E8B-9CE1-D3243D7FD228",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3B77B6-AAF8-456C-8B04-3623EB0E968E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88E0D7A-31DE-42E2-931A-E428B4515B2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAD43A71-5615-4A3D-8AB9-F714827ADEE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD593582-806E-4C6D-B07A-CB31161AEFA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "827D5E75-1491-4485-B22B-E81AC90B923C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5724m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD1A18C-9B62-40C2-99CF-3A68544726EB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5724m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F56BA4-6A19-44FB-8555-7360C77F83AF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxh5744mc_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "725B442B-06BD-401A-B91C-5A2C490559F6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxh5744mc:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EB49EB2-5F90-49EA-BD95-52BF6F5B5FE3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DE3518-2898-4D71-80ED-8C73FFE9E436",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5572E616-5D86-46FF-AEA7-4A12E66F0ED4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An authorization bypass vulnerability exists in Schneider Electric\u0027s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. Requests to CGI functions allow malicious users to bypass authorization."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en Modicon M340, Modicon Premium, Modicon Quantum PLC y BMXNOR0200, de Schneider Electric. Las peticiones a funciones CGI permiten que usuarios maliciosos omitan la autorizaci\u00f3n."
    }
  ],
  "id": "CVE-2018-7760",
  "lastModified": "2024-11-21T04:12:41.097",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-04-18T20:29:00.747",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.schneider-electric.com/en/download/document/SEVD-2018-081-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-09-12 18:15
Modified
2024-11-21 07:14
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior).
References
cybersecurity@se.comhttps://www.se.com/us/en/download/document/SEVD-2022-221-01/Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/us/en/download/document/SEVD-2022-221-01/Patch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric ecostruxure_control_expert *
schneider-electric ecostruxure_process_expert *
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp342010_firmware *
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware *
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware *
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware *
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware *
schneider-electric modicon_m340_bmxp342030h -
schneider-electric modicon_m580_bmeh582040_firmware *
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c_firmware *
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s_firmware *
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040_firmware *
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c_firmware *
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s_firmware *
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040_firmware *
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c_firmware *
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s_firmware *
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h_firmware *
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h_firmware *
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h_firmware *
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s_firmware *
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c_firmware *
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c_firmware *
schneider-electric modicon_m580_bmep586040c -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DCC0C29-32C2-4463-B98F-AB4B56FF5314",
              "versionEndExcluding": "15.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_process_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E122BBC5-DF05-4449-826A-070B128D8BBE",
              "versionEndIncluding": "2021",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB94CE0B-D2AE-4AD5-9BB3-FF73F3F081F0",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E4C660-7603-47D4-A0E4-D8755B1C84CC",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0594267D-0107-4E43-A783-7C557779E944",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4C75AF4-DB31-491B-8635-E7E0E3614476",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6360DC2-1801-412F-867A-D8C62BC0E2A4",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C34A2C5B-731C-4809-9FE8-3D897AD9A3F8",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "708E8DA4-1D49-4B68-A626-8E936C054B33",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "769B8B46-3965-43C0-8049-A6D786E82FAB",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CEB5579A-5AB3-40CD-9C22-96207696BB32",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFFEE13B-685A-4590-839D-A32A98D4C012",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "745D3106-80E9-4350-9C79-E4B9FA77D775",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "35661AEB-E386-4574-86A2-D2BEC19D9B5A",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B740450-E707-4464-B60B-22C70FC40ECD",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "630B4FCE-4284-49C1-898E-E6ADFE174E9B",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A727FEA3-40BC-45A3-9D0B-7FF12A914140",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8219A561-CDE9-4385-AB16-805CB74A8DCD",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D1C426D-B67A-4D5A-9494-3F7B184660AD",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCCA3AEB-E10A-4F26-B430-7BA4D49678EE",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "065FFEE6-138C-4865-BBDF-64A482F51DD2",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F0D3F3C-2A1F-4B90-8DA7-815715271F8C",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4FFDB6-F5B3-4CD8-874F-37D7E4F2571B",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48AB766B-EAFE-48C1-911D-F60466F446DF",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B27484B-E321-4026-8C66-12AFFEFB6100",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1831C033-653A-44A8-969A-D7D9D21AF1FC",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C27E0382-FE2F-4FE0-BDF5-295C8C7AECC9",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4A26483B-944A-4A95-A54C-3A8CB95C33F7",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "69AB6BD3-D791-468C-A0DC-D62C2D07A970",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "482E022D-F08C-487F-AA42-AB199A6456B3",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6990D04-52CE-4B58-A711-CB4612B2EE53",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F817C7DD-DCB3-4696-8D1A-CE94E097EA28",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C963704-2DE5-4C6A-9678-E4EEAA06C535",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "88A1D080-7D0E-4094-811C-CF5252FB36BF",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8708E15-0E65-420C-B7FF-34DD22C24CDE",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "636EA58C-6310-403E-BB20-74491651EF73",
              "versionEndExcluding": "4.02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability exists that could cause unauthorized access in read and write mode to the controller when communicating over Modbus. Affected Products: EcoStruxure Control Expert Including all Unity Pro versions (former name of EcoStruxure Control Expert) (V15.0 SP1 and prior), EcoStruxure Process Expert, Including all versions of EcoStruxure Hybrid DCS (former name of EcoStruxure Process Expert) (V2021 and prior), Modicon M340 CPU (part numbers BMXP34*) (V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*) (V3.20 and prior)."
    },
    {
      "lang": "es",
      "value": "Una CWE-640: Se presenta una vulnerabilidad de Mecanismo de Recuperaci\u00f3n de Contrase\u00f1as D\u00e9biles para Contrase\u00f1as Olvidadas que podr\u00eda causar un acceso no autorizado en modo de lectura y escritura al controlador cuando es comunicado a trav\u00e9s de Modbus. Productos afectados: EcoStruxure Control Expert, incluidas todas las versiones de Unity Pro (antiguo nombre de EcoStruxure Control Expert) (V15.0 SP1 y anteriores), EcoStruxure Process Expert, incluidas todas las versiones de EcoStruxure Hybrid DCS (antiguo nombre de EcoStruxure Process Expert) (V2021 y anteriores), Modicon M340 CPU (n\u00fameros de pieza BMXP34*) (V3.40 y anteriores), Modicon M580 CPU (n\u00fameros de pieza BMEP* y BMEH*) (V3.20 y anteriores)"
    }
  ],
  "id": "CVE-2022-37300",
  "lastModified": "2024-11-21T07:14:42.543",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-09-12T18:15:08.980",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-01/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-640"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-04/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-04/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric bmxnoe0100_firmware *
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware *
schneider-electric bmxnoe0110 -
schneider-electric 140noe77101_firmware *
schneider-electric 140noe77101 -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140cpu65150_firmware *
schneider-electric 140cpu65150 -
schneider-electric 140cpu65160_firmware *
schneider-electric 140cpu65160 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric 140noc78100_firmware *
schneider-electric 140noc78100 -
schneider-electric 140noc77101_firmware *
schneider-electric 140noc77101 -
schneider-electric tsxp574634_firmware *
schneider-electric tsxp574634 -
schneider-electric tsxp575634_firmware *
schneider-electric tsxp575634 -
schneider-electric tsxp576634_firmware *
schneider-electric tsxp576634 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric bmxnor200h_firmware *
schneider-electric bmxnor200h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BCDF059-40BF-4A32-9932-A7A744E6F295",
              "versionEndExcluding": "3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E001828-1A7D-4C8B-95FC-046652D3EF07",
              "versionEndExcluding": "6.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F72DC31C-3FF4-416C-BCD7-5F78EE066907",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA60BB0-1725-45E7-9191-0D300EB05082",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4570480E-3787-4263-AB51-8AD0B62969CB",
              "versionEndExcluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F419FC54-72D9-488F-9B0F-C12CEA213089",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC3E5496-C3D0-4DF4-A9AF-F227F889840E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF7A5C7B-9DBA-47CB-B7D4-70184AEBC684",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C2AF70-F0BB-4D17-901C-1FCBECDC44FB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD80E512-2D78-4375-8DBB-D12E5F0AF484",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCD74F63-7BA1-498F-977F-FCA90B5968AA",
              "versionEndExcluding": "1.74",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1067FDEA-33BC-4AA9-AC5B-099BA757065B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAA8F733-513D-458A-A1ED-849A3DE8F5FD",
              "versionEndExcluding": "1.08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B688E46-6D5B-4197-BBA2-23F361E656E0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19D112F4-50CB-4EFE-B0EA-43A732A22283",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "76B1122A-56A2-44BB-8648-C6E96D1966D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDD6B6C-FF2A-4960-AFD6-9DF4B4F7FD5E",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0678A50-FE23-49BD-A6CF-A7094EFDAFA1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB6318A-9AEF-4C9D-9678-05208026AC8A",
              "versionEndExcluding": "6.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "38F83CCC-4A66-4D47-A563-777A16028F3B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C280EA-9C52-47A9-AA1E-B0AA9C1F67F2",
              "versionEndExcluding": "6.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C093ECB-B977-4346-9E0E-DC30DD762055",
              "versionEndExcluding": "6.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "887976CC-8244-4D86-9941-BA82BC1AB6C2",
              "versionEndExcluding": "2.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor200h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "916E21A9-E841-496D-84DB-A6427A300FD2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61020CA2-94D2-461F-B103-5A4985AE438E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests."
    },
    {
      "lang": "es",
      "value": "Una CWE-306: Se presenta una vulnerabilidad de Falta Autenticaci\u00f3n para la Funci\u00f3n Cr\u00edtica en el Servidor Web en Modicon M340, Legacy Offers Modicon Quantum y Modicon Premium y Modicon Premium y M\u00f3dulos de Comunicaci\u00f3n asociados (consulte la notificaci\u00f3n de seguridad para las versiones afectadas), que podr\u00eda causar una ejecuci\u00f3n de comandos no autenticados en el controlador cuando se env\u00edan peticiones HTTP especiales"
    }
  ],
  "id": "CVE-2020-7540",
  "lastModified": "2024-11-21T05:37:20.573",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.377",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-04/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-306"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2021-09-02 17:15
Modified
2024-11-21 05:50
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04Patch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_mc80_bmkc8020301 -
schneider-electric modicon_mc80_bmkc8020310 -
schneider-electric modicon_mc80_bmkc8030311 -
schneider-electric modicon_momentum_171cbu78090 -
schneider-electric modicon_momentum_171cbu98090 -
schneider-electric modicon_momentum_171cbu98091 -
schneider-electric modicon_premium_tsxp57_1634m -
schneider-electric modicon_premium_tsxp57_2634m -
schneider-electric modicon_premium_tsxp57_2834m -
schneider-electric modicon_premium_tsxp57_454m -
schneider-electric modicon_premium_tsxp57_4634m -
schneider-electric modicon_premium_tsxp57_554m -
schneider-electric modicon_premium_tsxp57_5634m -
schneider-electric modicon_premium_tsxp57_6634m -
schneider-electric modicon_quantum_140cpu65150 -
schneider-electric modicon_quantum_140cpu65150c -
schneider-electric modicon_quantum_140cpu65160 -
schneider-electric modicon_quantum_140cpu65160c -
schneider-electric plc_simulator_for_ecostruxure_control_expert -
schneider-electric plc_simulator_for_ecostruxure_process_expert -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "Una CWE-119: Una vulnerabilidad de Restricci\u00f3n Inapropiada de Operaciones dentro de los L\u00edmites de un B\u00fafer de Memoria que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* and BMEH*, todas las versiones), Modicon M340 CPU (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), Modicon Momentum Ethernet CPU (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator for EcoStruxure\u00aa Control Expert, incluyendo todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator for EcoStruxure\u00aa Process Expert incluyendo todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22789",
  "lastModified": "2024-11-21T05:50:40.377",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.180",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2022-02-04 23:15
Modified
2024-11-21 05:37
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01Patch, Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric 140cpu65_firmware *
schneider-electric 140cpu65 -
schneider-electric tsxp57_firmware *
schneider-electric tsxp57 -
schneider-electric bmxnoc0401_firmware *
schneider-electric bmxnoc0401 -
schneider-electric bmxnoe01_firmware *
schneider-electric bmxnoe01 -
schneider-electric bmxnor0200h_firmware *
schneider-electric bmxnor0200h -
schneider-electric 140noe77111_firmware *
schneider-electric 140noe77111 -
schneider-electric 140noc78000_firmware *
schneider-electric 140noc78000 -
schneider-electric tsxety5103_firmware *
schneider-electric tsxety5103 -
schneider-electric tsxety4103_firmware *
schneider-electric tsxety4103 -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C747D719-51A2-44F5-B940-89D84437DA95",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140cpu65_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12B6D628-61AA-4999-B71F-FF93182A035B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140cpu65:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6E9922C-D583-4820-9BAC-8D8CC31F482B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxp57_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B20CF298-0E3F-4142-B7CF-791FA5E5545C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxp57:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2161791-5948-4C6E-B0FC-8DC7686CD87A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEF0DA3B-F89B-487D-AAE6-AEA88E28055A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe01_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E77A9929-C08B-4C29-ADA9-A53E6A2750D5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe01:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "50ED0C5D-0F0F-42D9-9E44-133A89ED940C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AECF5778-C5F5-4789-BD3D-793B35DDDBDF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "36A93454-1251-4EC9-8FFB-E7152E346C5B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CBDCA32-398A-4AC3-A477-DEF9ACD4D3F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:140noc78000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A62DEBF-6343-48BB-835C-64AE9D8F956A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:140noc78000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "876CE5BA-B45D-4FFD-8176-E26181DAC355",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B418F6-DCED-40B9-8B35-DC50FD8EF6FD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A901BF2-9316-4067-9AFC-8A7CB3549F68",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "066E3E6C-8A0E-4360-A4ED-32A84B7647FC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "18B13865-038C-4073-955A-36E6F5037C2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)"
    },
    {
      "lang": "es",
      "value": "Una CWE-352: Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) se presenta en el servidor web usado, que podr\u00eda causar un filtrado de datos confidenciales o acciones no autorizadas en el servidor web durante el tiempo en que el usuario est\u00e1 conectado. Productos afectados: CPUs Modicon M340: BMXP34 (Todas las versiones), CPUs Modicon Quantum con Ethernet integrada (Copro): 140CPU65 (Todas las versiones), CPUs Modicon Premium con Ethernet integrada (Copro): TSXP57 (Todas las versiones), M\u00f3dulos ethernet Modicon M340: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (Todas las versiones), M\u00f3dulos de comunicaci\u00f3n de f\u00e1brica Modicon Quantum y Premium: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (Todas las versiones)"
    }
  ],
  "id": "CVE-2020-7534",
  "lastModified": "2024-11-21T05:37:19.763",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-02-04T23:15:10.390",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2022-011-01"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2024-02-14 17:15
Modified
2025-01-23 19:39
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack.
References
cybersecurity@se.comhttps://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-01.pdfVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-044-01.pdfVendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp341000h_firmware *
schneider-electric modicon_m340_bmxp341000h -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp342010_firmware *
schneider-electric modicon_m340_bmxp342010 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware *
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware *
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -
schneider-electric modicon_m340_bmxp3420302h_firmware *
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware *
schneider-electric modicon_m340_bmxp342030h -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep581020h_firmware *
schneider-electric modicon_m580_bmep581020h -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep582020h_firmware *
schneider-electric modicon_m580_bmep582020h -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep582040h_firmware *
schneider-electric modicon_m580_bmep582040h -
schneider-electric modicon_m580_bmep582040s_firmware *
schneider-electric modicon_m580_bmep582040s -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep584040s_firmware *
schneider-electric modicon_m580_bmep584040s -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep585040c_firmware *
schneider-electric modicon_m580_bmep585040c -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep586040c_firmware *
schneider-electric modicon_m580_bmep586040c -
schneider-electric modicon_m580_bmeh582040_firmware *
schneider-electric modicon_m580_bmeh582040 -
schneider-electric modicon_m580_bmeh582040c_firmware *
schneider-electric modicon_m580_bmeh582040c -
schneider-electric modicon_m580_bmeh584040_firmware *
schneider-electric modicon_m580_bmeh584040 -
schneider-electric modicon_m580_bmeh582040s_firmware *
schneider-electric modicon_m580_bmeh582040s -
schneider-electric modicon_m580_bmeh584040c_firmware *
schneider-electric modicon_m580_bmeh584040c -
schneider-electric modicon_m580_bmeh584040s_firmware *
schneider-electric modicon_m580_bmeh584040s -
schneider-electric modicon_m580_bmeh586040_firmware *
schneider-electric modicon_m580_bmeh586040 -
schneider-electric modicon_m580_bmeh586040c_firmware *
schneider-electric modicon_m580_bmeh586040c -
schneider-electric modicon_m580_bmeh586040s_firmware *
schneider-electric modicon_m580_bmeh586040s -
schneider-electric modicon_mc80_bmkc8020301_firmware *
schneider-electric modicon_mc80_bmkc8020301 -
schneider-electric modicon_mc80_bmkc8020310_firmware *
schneider-electric modicon_mc80_bmkc8020310 -
schneider-electric modicon_mc80_bmkc8030311 *
schneider-electric modicon_mc80_bmkc8030311_firmware -
schneider-electric modicon_momentum_171cbu78090_firmware *
schneider-electric modicon_momentum_171cbu78090 -
schneider-electric modicon_momentum_171cbu98090_firmware *
schneider-electric modicon_momentum_171cbu98090 -
schneider-electric modicon_momentum_171cbu98091_firmware *
schneider-electric modicon_momentum_171cbu98091 -
schneider-electric ecostruxure_control_expert *
schneider-electric ecostruxure_process_expert *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66A41729-8AC9-44CE-8447-B9E243E4CA7E",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B721B3D-6ADC-4CDE-BA59-5D39F7D0D624",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "69222495-4F18-434E-B86C-F63C5A2C1242",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "189E442E-73FA-44B4-9E4F-6167FD095D39",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DDD51E43-1E3C-4694-A540-9CD5547EC60C",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD1BAE8E-B799-4BA1-8860-AA89F72DBCA3",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB57B387-58F4-4D44-883D-82C29F06F300",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF3FF83D-6638-4627-B076-14431E931CDB",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CB38392-4EF2-435B-BAD2-6EF089381716",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4157F72-10ED-47A0-A90C-39D436302B66",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "31CFFD7F-F459-476C-A984-70D5799D1772",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABC7DD20-F35D-4329-A4C5-27C67611D9F0",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D81366E4-B0BC-4B93-BC15-4909C6A87F32",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A08E506E-E508-43B2-B332-45951F7FC848",
              "versionEndExcluding": "3.60",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "612BA6AF-0738-41BA-B67A-320998CC7DEC",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C5DDF76-4C99-4FCE-BDB1-DC5FE70D284D",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9E86F93-D4A5-41A9-9F4E-2A455D457964",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A551102F-6847-41FB-96A3-B7E412CC14A3",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B4F458E-82AB-4AA2-AA98-AF30DA05C094",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24838031-54D3-4B4B-8CCC-D0F3B6B09589",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4094AD89-46E1-426A-8A08-9F56278737DE",
              "versionEndExcluding": "4.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F63C5C5-38D7-4FED-81F9-FCF5626A6EBC",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26448C55-91E4-4B50-94DF-B4C874B267AF",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "28531D13-A985-49F5-9D6E-1125A764F0EF",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02F14360-9D1F-4EBC-8C87-E0BC1681124D",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8BD25F9-6EDF-4554-AA5E-5CD0C56CFC91",
              "versionEndExcluding": "4.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF13A654-6195-45A6-BBAB-551F89B2BB36",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "113A6513-8BA8-46AB-859D-FFC55C3D0623",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B7C1A1A-3A6E-4095-AD00-395B5CF59B70",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B81D21C-8B25-4710-84D4-E31A4D60DBEF",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FEA1D5-8094-4C6F-AE53-A8076D17F833",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "81423EAF-9BC2-4254-B7CD-A2E5B93DD7CF",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F411C917-26D8-4A3C-9AF8-998E1DBE9611",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE0B94C1-1322-49AD-9C87-278A3C517A9E",
              "versionEndExcluding": "4.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BF0234E-17EE-40CE-AEA3-C46C8B73FE9F",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D28B19E1-2017-49E4-BA7F-7175E97CAD7F",
              "versionEndExcluding": "4.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D5ACCA5-1AC6-4B41-909B-43B86808D405",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "274EC4AF-32F7-44DB-9141-4E458A25E4E3",
              "versionEndExcluding": "4.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A834E56-260F-4EF3-8325-903E2C7880F5",
              "versionEndExcluding": "4.21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020301_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9809A056-81A7-466C-ACB0-2F61308D54C0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020310_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "503BDD25-2072-4A09-A1C2-AFD977F95B54",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9AADC7E9-F019-48FD-8E9F-296C32A10AAD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8030311_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2DF7857-E543-46E4-AFC3-585BEA9E5B21",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu78090_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFEF1F75-74C7-4AC4-9FDF-0522A1D153A0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98090_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D0B0EE-34E9-4D58-B739-4F71FD2E9452",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98091_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD0FCEBC-040D-4DB9-AF62-6A736829294F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FF68269-FEB0-41F0-9127-965AA4ADCC91",
              "versionEndExcluding": "16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_process_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D8022AED-42C4-42F5-A30A-45F157D71CA9",
              "versionEndExcluding": "2023",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "\nCWE-924: Improper Enforcement of Message Integrity During Transmission in a\nCommunication Channel vulnerability exists that could cause a denial of service and loss of\nconfidentiality, integrity of controllers when conducting a Man in the Middle attack.\n\n"
    },
    {
      "lang": "es",
      "value": "CWE-924: Existe una vulnerabilidad en la aplicaci\u00f3n inadecuada de la integridad de los mensajes durante la transmisi\u00f3n en un canal de comunicaci\u00f3n que podr\u00eda causar una denegaci\u00f3n de servicio y p\u00e9rdida de confidencialidad e integridad de los controladores al realizar un ataque Man in the Middle."
    }
  ],
  "id": "CVE-2023-6408",
  "lastModified": "2025-01-23T19:39:42.010",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-02-14T17:15:11.057",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-044-01.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-044-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-044-01.pdf"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-924"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2020-12-11 01:15
Modified
2024-11-21 05:37
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.
References
cybersecurity@se.comhttps://www.se.com/ww/en/download/document/SEVD-2020-343-08/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.se.com/ww/en/download/document/SEVD-2020-343-08/Vendor Advisory
Impacted products
Vendor Product Version
schneider-electric modicon_m580_bmep584040_firmware *
schneider-electric modicon_m580_bmep584040 -
schneider-electric modicon_m580_bmep582040_firmware *
schneider-electric modicon_m580_bmep582040 -
schneider-electric modicon_m580_bmep586040_firmware *
schneider-electric modicon_m580_bmep586040 -
schneider-electric modicon_m580_bmep585040_firmware *
schneider-electric modicon_m580_bmep585040 -
schneider-electric modicon_m580_bmep582020_firmware *
schneider-electric modicon_m580_bmep582020 -
schneider-electric modicon_m580_bmep581020_firmware *
schneider-electric modicon_m580_bmep581020 -
schneider-electric modicon_m580_bmep584020_firmware *
schneider-electric modicon_m580_bmep584020 -
schneider-electric modicon_m580_bmep583040_firmware *
schneider-electric modicon_m580_bmep583040 -
schneider-electric modicon_m580_bmep583020_firmware *
schneider-electric modicon_m580_bmep583020 -
schneider-electric modicon_m340_bmxp341000_firmware *
schneider-electric modicon_m340_bmxp341000 -
schneider-electric modicon_m340_bmxp342000_firmware *
schneider-electric modicon_m340_bmxp342000 -
schneider-electric modicon_m340_bmxp3420102_firmware *
schneider-electric modicon_m340_bmxp3420102 -
schneider-electric modicon_m340_bmxp3420102cl_firmware *
schneider-electric modicon_m340_bmxp3420102cl -
schneider-electric modicon_m340_bmxp342020_firmware *
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp3420302_firmware *
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302cl_firmware *
schneider-electric modicon_m340_bmxp3420302cl -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C2208FD-0126-4ECF-97DF-89998EE90A5F",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB772761-8859-4AA5-ACAC-4A5859FCE0A9",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B0DB061-8B7F-4FEC-9275-6FFE045DCE81",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAA3B4D9-7F47-4813-9784-EB7BF53A32DE",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE7D852A-18A3-4AB8-B6AD-4B9815950CC4",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "4325AE79-6FDA-47A7-B3A6-C47C5C2C510D",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6149E270-E76E-4011-A488-2571499A6C76",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AF74D66-DEF7-4A05-A6FC-15645BA8B8AB",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A4810AB-2986-4152-9E48-488959A15361",
              "versionEndExcluding": "3.20",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C440362A-7E0E-497C-B275-409E9B57D8A2",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6ACCC66-4075-4EE9-A6BA-01EF7529C568",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD031F4E-9F3C-4035-AFB8-B7442F1B2475",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C1D1498-1069-4080-8EB4-3BA6C0DC2CEA",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D30336F0-EDCF-486C-B52E-D0C53BCDFC65",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5481772-5E18-4985-A5E5-F7223B52A90B",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A83CF92-F35F-416F-B571-CA5600BF671F",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302cl_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E506AD9-C302-4D41-B971-46DE19AF83FB",
              "versionEndExcluding": "3.30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302cl:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32091F91-9397-4506-8801-C68B9E8B60F0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026 Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller."
    },
    {
      "lang": "es",
      "value": "Una CWE-754: Se presenta una vulnerabilidad de Comprobaci\u00f3n Inapropiada de Condiciones Inusuales o Excepcionales en Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum \u0026amp; Modicon Premium (consulte las notificaciones de seguridad para las versiones afectadas), que podr\u00eda causar una denegaci\u00f3n de servicio cuando una petici\u00f3n Read Physical Memory especialmente dise\u00f1ada a trav\u00e9s de Modbus es enviada hacia el controlador"
    }
  ],
  "id": "CVE-2020-7543",
  "lastModified": "2024-11-21T05:37:20.977",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-12-11T01:15:12.580",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-343-08/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2019-03-21 19:29
Modified
2024-11-21 02:35
Severity ?
5.4 (Medium) - CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser.
References
ics-cert@hq.dhs.govhttps://ics-cert.us-cert.gov/advisories/ICSA-15-246-02Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
schneider-electric bmxnoc0401_firmware -
schneider-electric bmxnoc0401 -
schneider-electric bmxnoe0100_firmware -
schneider-electric bmxnoe0100 -
schneider-electric bmxnoe0110_firmware -
schneider-electric bmxnoe0110 -
schneider-electric bmxnoe0110h_firmware -
schneider-electric bmxnoe0110h -
schneider-electric bmxnor0200h_firmware -
schneider-electric bmxnor0200h -
schneider-electric modicon_m340_bmxp342020_firmware -
schneider-electric modicon_m340_bmxp342020 -
schneider-electric modicon_m340_bmxp342020h_firmware -
schneider-electric modicon_m340_bmxp342020h -
schneider-electric modicon_m340_bmxp342030_firmware -
schneider-electric modicon_m340_bmxp342030 -
schneider-electric modicon_m340_bmxp3420302_firmware -
schneider-electric modicon_m340_bmxp3420302 -
schneider-electric modicon_m340_bmxp3420302h_firmware -
schneider-electric modicon_m340_bmxp3420302h -
schneider-electric modicon_m340_bmxp342030h_firmware -
schneider-electric modicon_m340_bmxp342030h -


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoc0401_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1769F1F-EAA9-4EE6-9333-A9A4EF4F0F44",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoc0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF08654A-FFCB-47D3-AC82-DF7284548962",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6712F95-3145-4A61-AF36-F0ECEE961ACD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80FC6FF2-D662-4A57-AAA6-BC04351DC779",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E813C6-D9FF-4BEE-969C-FD3C347AE9AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98F3B055-8919-4E09-9827-288F0A03DAFF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnoe0110h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C19F796-5548-45AA-ACED-25D9E640306E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnoe0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E47DB14-EF4B-4E4E-9DA2-B3F6EFA72BF4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:bmxnor0200h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0B4021-E058-4B5B-823B-BB1C0A939E30",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:bmxnor0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D9A366-3394-4275-B884-AE6E7227156E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90674B8F-C4BD-46AF-A86D-A01531074FB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBDA1A8F-6AAF-4D09-9DB4-FACAB918963C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser."
    },
    {
      "lang": "es",
      "value": "Cross-Site Scripting (XSS) reflejado (no persistente) permite que un atacante manipule una URL espec\u00edfica, que contiene JavaScript que se ejecutar\u00e1 en el navegador del cliente PLC de Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H o BMXP342030H."
    }
  ],
  "id": "CVE-2015-6462",
  "lastModified": "2024-11-21T02:35:00.833",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 3.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-21T19:29:00.317",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://ics-cert.us-cert.gov/advisories/ICSA-15-246-02"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}