Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2021-09-02 17:15

Modified

2024-11-21 05:50

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

▼	URL	Tags
	cybersecurity@se.com	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
schneider-electric	modicon_m340_bmxp341000	-
schneider-electric	modicon_m340_bmxp342010	-
schneider-electric	modicon_m340_bmxp342020	-
schneider-electric	modicon_m340_bmxp342030	-
schneider-electric	modicon_m580_bmeh582040	-
schneider-electric	modicon_m580_bmeh582040c	-
schneider-electric	modicon_m580_bmeh582040s	-
schneider-electric	modicon_m580_bmeh584040	-
schneider-electric	modicon_m580_bmeh584040c	-
schneider-electric	modicon_m580_bmeh584040s	-
schneider-electric	modicon_m580_bmeh586040	-
schneider-electric	modicon_m580_bmeh586040c	-
schneider-electric	modicon_m580_bmeh586040s	-
schneider-electric	modicon_m580_bmep581020	-
schneider-electric	modicon_m580_bmep581020h	-
schneider-electric	modicon_m580_bmep582020	-
schneider-electric	modicon_m580_bmep582020h	-
schneider-electric	modicon_m580_bmep582040	-
schneider-electric	modicon_m580_bmep582040h	-
schneider-electric	modicon_m580_bmep582040s	-
schneider-electric	modicon_m580_bmep583020	-
schneider-electric	modicon_m580_bmep583040	-
schneider-electric	modicon_m580_bmep584020	-
schneider-electric	modicon_m580_bmep584040	-
schneider-electric	modicon_m580_bmep584040s	-
schneider-electric	modicon_m580_bmep585040	-
schneider-electric	modicon_m580_bmep585040c	-
schneider-electric	modicon_m580_bmep586040	-
schneider-electric	modicon_m580_bmep586040c	-
schneider-electric	modicon_mc80_bmkc8020301	-
schneider-electric	modicon_mc80_bmkc8020310	-
schneider-electric	modicon_mc80_bmkc8030311	-
schneider-electric	modicon_momentum_171cbu78090	-
schneider-electric	modicon_momentum_171cbu98090	-
schneider-electric	modicon_momentum_171cbu98091	-
schneider-electric	modicon_premium_tsxp57_1634m	-
schneider-electric	modicon_premium_tsxp57_2634m	-
schneider-electric	modicon_premium_tsxp57_2834m	-
schneider-electric	modicon_premium_tsxp57_454m	-
schneider-electric	modicon_premium_tsxp57_4634m	-
schneider-electric	modicon_premium_tsxp57_554m	-
schneider-electric	modicon_premium_tsxp57_5634m	-
schneider-electric	modicon_premium_tsxp57_6634m	-
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	plc_simulator_for_ecostruxure_control_expert	-
schneider-electric	plc_simulator_for_ecostruxure_process_expert	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "Una CWE-119: Una vulnerabilidad de Restricci\u00f3n Inapropiada de Operaciones dentro de los L\u00edmites de un B\u00fafer de Memoria que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* and BMEH*, todas las versiones), Modicon M340 CPU (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), Modicon Momentum Ethernet CPU (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator for EcoStruxure\u00aa Control Expert, incluyendo todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator for EcoStruxure\u00aa Process Expert incluyendo todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22789",
  "lastModified": "2024-11-21T05:50:40.377",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.180",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2023-01-30 13:15

Modified

2024-11-21 07:29

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)

References

▼	URL	Tags
	cybersecurity@se.com	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf	Patch, Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
schneider-electric	ecostruxure_control_expert	*
schneider-electric	ecostruxure_process_expert	*
schneider-electric	modicon_m340_bmxp341000_firmware	-
schneider-electric	modicon_m340_bmxp341000	-
schneider-electric	modicon_m340_bmxp342000_firmware	-
schneider-electric	modicon_m340_bmxp342000	-
schneider-electric	modicon_m340_bmxp342010_firmware	-
schneider-electric	modicon_m340_bmxp342010	-
schneider-electric	modicon_m340_bmxp3420102_firmware	-
schneider-electric	modicon_m340_bmxp3420102	-
schneider-electric	modicon_m340_bmxp342020_firmware	-
schneider-electric	modicon_m340_bmxp342020	-
schneider-electric	modicon_m340_bmxp342020h_firmware	-
schneider-electric	modicon_m340_bmxp342020h	-
schneider-electric	modicon_m340_bmxp342030_firmware	-
schneider-electric	modicon_m340_bmxp342030	-
schneider-electric	modicon_m340_bmxp3420302_firmware	-
schneider-electric	modicon_m340_bmxp3420302	-
schneider-electric	modicon_m340_bmxp3420302h_firmware	-
schneider-electric	modicon_m340_bmxp3420302h	-
schneider-electric	modicon_m340_bmxp342030h_firmware	-
schneider-electric	modicon_m340_bmxp342030h	-
schneider-electric	modicon_m580_bmeh582040_firmware	-
schneider-electric	modicon_m580_bmeh582040	-
schneider-electric	modicon_m580_bmeh582040c_firmware	-
schneider-electric	modicon_m580_bmeh582040c	-
schneider-electric	modicon_m580_bmeh582040s_firmware	-
schneider-electric	modicon_m580_bmeh582040s	-
schneider-electric	modicon_m580_bmeh584040_firmware	-
schneider-electric	modicon_m580_bmeh584040	-
schneider-electric	modicon_m580_bmeh584040c_firmware	-
schneider-electric	modicon_m580_bmeh584040c	-
schneider-electric	modicon_m580_bmeh584040s_firmware	-
schneider-electric	modicon_m580_bmeh584040s	-
schneider-electric	modicon_m580_bmeh586040_firmware	-
schneider-electric	modicon_m580_bmeh586040	-
schneider-electric	modicon_m580_bmeh586040c_firmware	-
schneider-electric	modicon_m580_bmeh586040c	-
schneider-electric	modicon_m580_bmeh586040s_firmware	-
schneider-electric	modicon_m580_bmeh586040s	-
schneider-electric	modicon_m580_bmep581020_firmware	-
schneider-electric	modicon_m580_bmep581020	-
schneider-electric	modicon_m580_bmep581020h_firmware	-
schneider-electric	modicon_m580_bmep581020h	-
schneider-electric	modicon_m580_bmep582020_firmware	-
schneider-electric	modicon_m580_bmep582020	-
schneider-electric	modicon_m580_bmep582020h_firmware	-
schneider-electric	modicon_m580_bmep582020h	-
schneider-electric	modicon_m580_bmep582040_firmware	-
schneider-electric	modicon_m580_bmep582040	-
schneider-electric	modicon_m580_bmep582040h_firmware	-
schneider-electric	modicon_m580_bmep582040h	-
schneider-electric	modicon_m580_bmep582040s_firmware	-
schneider-electric	modicon_m580_bmep582040s	-
schneider-electric	modicon_m580_bmep583020_firmware	-
schneider-electric	modicon_m580_bmep583020	-
schneider-electric	modicon_m580_bmep583040_firmware	-
schneider-electric	modicon_m580_bmep583040	-
schneider-electric	modicon_m580_bmep584020_firmware	-
schneider-electric	modicon_m580_bmep584020	-
schneider-electric	modicon_m580_bmep584040_firmware	-
schneider-electric	modicon_m580_bmep584040	-
schneider-electric	modicon_m580_bmep584040s_firmware	-
schneider-electric	modicon_m580_bmep584040s	-
schneider-electric	modicon_m580_bmep585040_firmware	-
schneider-electric	modicon_m580_bmep585040	-
schneider-electric	modicon_m580_bmep585040c_firmware	-
schneider-electric	modicon_m580_bmep585040c	-
schneider-electric	modicon_m580_bmep586040_firmware	-
schneider-electric	modicon_m580_bmep586040	-
schneider-electric	modicon_m580_bmep586040c_firmware	-
schneider-electric	modicon_m580_bmep586040c	-
schneider-electric	modicon_momentum_171cbu78090_firmware	-
schneider-electric	modicon_momentum_171cbu78090	-
schneider-electric	modicon_momentum_171cbu98090_firmware	-
schneider-electric	modicon_momentum_171cbu98090	-
schneider-electric	modicon_momentum_171cbu98091_firmware	-
schneider-electric	modicon_momentum_171cbu98091	-
schneider-electric	modicon_mc80_bmkc8020301_firmware	-
schneider-electric	modicon_mc80_bmkc8020301	-
schneider-electric	modicon_mc80_bmkc8020310_firmware	-
schneider-electric	modicon_mc80_bmkc8020310	-
schneider-electric	modicon_mc80_bmkc8030311_firmware	-
schneider-electric	modicon_mc80_bmkc8030311	-
schneider-electric	modicon_quantum_140cpu65150_firmware	-
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c_firmware	-
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160_firmware	-
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_quantum_140cpu65160c_firmware	-
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	modicon_premium_tsxp57_1634m_firmware	-
schneider-electric	modicon_premium_tsxp57_1634m	-
schneider-electric	modicon_premium_tsxp57_2634m_firmware	-
schneider-electric	modicon_premium_tsxp57_2634m	-
schneider-electric	modicon_premium_tsxp57_2834m_firmware	-
schneider-electric	modicon_premium_tsxp57_2834m	-
schneider-electric	modicon_premium_tsxp57_454m_firmware	-
schneider-electric	modicon_premium_tsxp57_454m	-
schneider-electric	modicon_premium_tsxp57_4634m_firmware	-
schneider-electric	modicon_premium_tsxp57_4634m	-
schneider-electric	modicon_premium_tsxp57_554m_firmware	-
schneider-electric	modicon_premium_tsxp57_554m	-
schneider-electric	modicon_premium_tsxp57_5634m_firmware	-
schneider-electric	modicon_premium_tsxp57_5634m	-
schneider-electric	modicon_premium_tsxp57_6634m_firmware	-
schneider-electric	modicon_premium_tsxp57_6634m	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_control_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E8CCC1-A467-4FEF-964D-8481EAE892EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:schneider-electric:ecostruxure_process_expert:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAB4A9EC-96A2-424D-A858-162E662EBEFB",
              "versionEndExcluding": "2021",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp341000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EC4B64B-CF0F-46CE-91FB-6A320F83B190",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342000_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64041ACC-0BF1-45F7-B1AB-6C836BD606BB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D150239-27E2-4CBE-A931-5107C15E362F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342010_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D7B5B28-99F5-4A94-9D65-204943941047",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420102_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D597D553-9E36-453A-8C82-FCBB38E6DE49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420102:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98212CF5-BCF4-4A55-B62A-484569687B4E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6B88FC3-8FD3-4A2F-A2F0-BE6E29CB7D4F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "86AA8980-5D94-4B49-858C-E24290AE8D36",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56BAED8B-EEFA-45D7-A5A3-9B62067CE24C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "90674B8F-C4BD-46AF-A86D-A01531074FB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F8EA70F-DD0C-4835-AA65-2B826807756B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "354968F7-C41B-4C21-8E47-81DC07DF0EA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp3420302h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3E85D90-A4B8-46B9-B654-84CD68FCF658",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp3420302h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "075A16D1-F4DF-4DCB-8DF9-152E282CE01F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmxp342030h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBDA1A8F-6AAF-4D09-9DB4-FACAB918963C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF9608E7-C9B5-4945-9609-690231DB1B5A",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F86533A-406B-4910-B7D2-B378E8872756",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47004801-3437-4484-AD19-6CC304783744",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF50AC83-B422-4B6A-99B2-03A8DA8D191D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC42A466-5909-4D9B-B243-D86C7AFC0141",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F30A43E-77DB-4015-BCB9-8C491642C51D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B78759C-F64C-404D-B161-7A27721B9661",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "832C2EFD-1D6F-4229-B17D-E94F64E8AC35",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CC9304A-6730-41FA-86D8-900661D66A1F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "59504A45-62E8-4C7B-AE03-2C0E8BBF1534",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7FFCF8C-AD13-4505-857A-D7948C83E509",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "355F55BE-861F-46B1-9B8F-B9081984E087",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8053B00-018B-4350-A51C-609F45BD158E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3497D351-5CF2-42DB-82E0-BCA418998EB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DBA3EED4-A7A9-4F7C-9B82-BCC21350DEC0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4742CA0B-D062-4A75-AB60-4E11043F741D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44EA1CC-2DF4-496E-A892-E47E94861B45",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0CFF8FE-21DE-4F9F-9FEA-4EB5184C3353",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "03E33BBC-D1C1-482D-A4E3-093BED191EC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D1AD7B8-8F43-4B58-986E-ECBEFE514CC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "31E97992-1012-4848-B3A5-54642B365B78",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A80A200E-2DC9-4FE8-A685-22DC6F8333A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3F2213C-CB04-4A45-BA1E-CD8FC89BB294",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D69E5723-590F-4CF6-8C13-9565EAB2522A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B17D236-B8E5-4340-94BB-0B68B6F76255",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B8A9E71-0828-4438-8531-D7C577C63BC7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu78090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B26E867-5C0E-413E-B733-6865347C2140",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA5F1B5-FEC3-458B-B411-AC19E90E2973",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98091_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49247DB1-4B53-480B-B7BB-A0E37613E3D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020301_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "83AFD695-E028-405A-B6CE-4AEAD55B676F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020310_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AF5C51E-658E-497E-AF66-531C6337D8C6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8030311_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2DF7857-E543-46E4-AFC3-585BEA9E5B21",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF686D3D-B614-41D1-A023-3DA76B296601",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "520D0A9C-ACC9-4FDD-93F5-DD807BA3C4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BF8361-6FA9-46A1-93B3-3CC269935F50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8B77E0F-CC13-42B6-AF46-556FB02BA4CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_1634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D930A5-787A-48FD-BFA2-4D1BC70C9224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80937C5F-5962-46D3-8BA2-1650CAC6DC0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2834m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "695475B9-A4A4-4218-8D21-71797A0F1F10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B787E978-0842-4385-9ADD-6CA947A6F697",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_4634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1788D10E-11FB-4EF1-9B57-89A2EF3A4576",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C613326A-E313-4B3F-ADF7-128B3A904422",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_5634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC92C16-6212-4D20-B478-98D538C2FCCF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_6634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F0A61F-37A4-43C9-BC78-296C9AF08341",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026 integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\n\n"
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad CWE-754: Comprobaci\u00f3n inadecuada de condiciones inusuales o excepcionales que podr\u00eda provocar la ejecuci\u00f3n de c\u00f3digo arbitrario, denegaci\u00f3n de servicio y p\u00e9rdida de confidencialidad y seguridad. integridad cuando se carga un archivo de proyecto malicioso en el controlador. Productos afectados: EcoStruxure Control Expert (todas las versiones), EcoStruxure Process Expert (todas las versiones), CPU Modicon M340 - n\u00fameros de pieza BMXP34* (todas las versiones), CPU Modicon M580 - n\u00fameros de pieza BMEP* y BMEH* (todas las versiones), Modicon M580 Seguridad de la CPU: n\u00fameros de pieza BMEP58*S y BMEH58*S (todas las versiones), procesador Modicon Momentum Unity M1E - 171CBU* (todas las versiones), Modicon MC80 - BMKC80 (todas las versiones), Modicon Quantum heredado - 140CPU65* y CPU Premium - TSXP57 * (Todas las versiones)"
    }
  ],
  "id": "CVE-2022-45788",
  "lastModified": "2024-11-21T07:29:43.093",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 5.9,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-01-30T13:15:09.310",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-11-18 14:15

Modified

2024-11-21 05:37

Severity ?

8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Summary

A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP.

References

▼	URL	Tags
	cybersecurity@se.com	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	Vendor Advisory

Impacted products

Vendor	Product	Version
schneider-electric	modicon_tsxety4103_firmware	*
schneider-electric	modicon_tsxety4103	-
schneider-electric	modicon_tsxety5103_firmware	*
schneider-electric	modicon_tsxety5103	-
schneider-electric	modicon_tsxp574634_firmware	*
schneider-electric	modicon_tsxp574634	-
schneider-electric	modicon_tsxp575634_firmware	*
schneider-electric	modicon_tsxp575634	-
schneider-electric	modicon_tsxp576634_firmware	*
schneider-electric	modicon_tsxp576634	-
schneider-electric	modicon_quantum_140noe77101_firmware	*
schneider-electric	modicon_quantum_140noe77101	-
schneider-electric	modicon_quantum_140noe77111_firmware	*
schneider-electric	modicon_quantum_140noe77111	-
schneider-electric	modicon_quantum_140noc78100_firmware	*
schneider-electric	modicon_quantum_140noc78100	-
schneider-electric	modicon_quantum_140cpu65150_firmware	*
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c_firmware	*
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160c_firmware	*
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	modicon_quantum_140cpu65160_firmware	*
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_m340_bmx_p34-2010_firmware	*
schneider-electric	modicon_m340_bmx_p34-2010	-
schneider-electric	modicon_m340_bmx_p34-2030_firmware	*
schneider-electric	modicon_m340_bmx_p34-2030	-
schneider-electric	modicon_m340_bmx_noc_0401_firmware	*
schneider-electric	modicon_m340_bmx_noc_0401	-
schneider-electric	modicon_m340_bmx_noe_0100_firmware	*
schneider-electric	modicon_m340_bmx_noe_0100	-
schneider-electric	modicon_m340_bmx_noe_0100h_firmware	*
schneider-electric	modicon_m340_bmx_noe_0100h	-
schneider-electric	modicon_m340_bmx_noe_0110_firmware	*
schneider-electric	modicon_m340_bmx_noe_0110	-
schneider-electric	modicon_m340_bmx_noe_0110h_firmware	*
schneider-electric	modicon_m340_bmx_noe_0110h	-
schneider-electric	modicon_m340_bmx_nor_0200h_firmware	*
schneider-electric	modicon_m340_bmx_nor_0200h	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BB30B97-9E87-451D-8CE9-13A8234C64AA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7E65D97-CE1A-4A45-A0C2-19294C52E51D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "507A5F22-A607-4B1B-BCFF-FB17B27DDAA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1528A76-4289-4DF3-97A2-D37A3DF904C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "954CC47A-6118-4840-92C1-085B6A8BB3AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168A1AA-14CA-4271-9779-A8A8A894F6C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A6C886-15CD-4E65-A41C-ADB378537CEC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BB67F62-534E-4011-85EB-A854E80D5C51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A18442-8172-4611-8796-E7C6786B2D54",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56843A77-4F72-4C1E-B535-1936B98DC067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA478F7F-4F17-4B92-B2B6-66F406471579",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "820638DC-323D-4187-8468-2495C1505860",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "743CDF67-BC0B-45A4-841D-076C049913E7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C5587FE-4270-490C-BFE7-6DFC2B7AFE79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB8B2F06-7208-4B9F-8645-E615BCBC3F41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D30C1F-F8C6-4B4A-8F62-C4F5B22E485C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25D62146-B69B-4706-975A-8721B06BEE8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10D13B75-6AF9-445F-9B06-19FD678CD388",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "784CC7A2-6A89-4C53-8ED4-7A21824D2C62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7792A2-5BDB-4F33-ADB8-2D4B6309088A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90E09554-8011-4B23-8D35-61843D485DC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76270E2-D48F-4149-9A97-76F3C5749723",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "750F0C04-9948-4D0B-ADF3-1A8F5EEE1DCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA6EC11-5E37-4534-908F-D3424AE01C79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noc_0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C493290F-1375-4C2B-BCCC-A12D4FDFE8AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noc_0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B8A86F-B257-49D9-AB43-3B9A28B543BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B8C54D9-2E50-4271-98A4-865991AAA4CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A486F8-6C88-43FA-B3BB-CE4AAFE9F5D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB39549A-8ACF-447D-A13A-A124AF25889E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BDFEB0-C3B6-4329-A663-7EAA9124249F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D579C2-65B6-4602-862A-2EE9F89AE239",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE415EC8-0F4B-4B21-8D10-91AFAA6DA4A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D51906B0-8DC5-4393-9331-5A66F8A51801",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4688DE1-369B-4726-8492-3FB65C682646",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_nor_0200h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B853AA-1A4C-4AA1-91C0-60A88DA27107",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_nor_0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F283DEA-90D9-4EA5-9A1E-E62BE704D620",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP."
    },
    {
      "lang": "es",
      "value": "CWE-125: Una vulnerabilidad Lectura Fuera de L\u00edmites se presenta en el Servidor Web en las ofertas Modicon M340, Modicon Quantum y Modicon Premium Legacy y sus M\u00f3dulos de Comunicaci\u00f3n (consulte la notificaci\u00f3n para obtener m\u00e1s detalles) que podr\u00eda causar un fallo de segmentaci\u00f3n o un desbordamiento del b\u00fafer al cargar un archivo especialmente dise\u00f1ado en el controlador por medio de FTP"
    }
  ],
  "id": "CVE-2020-7562",
  "lastModified": "2024-11-21T05:37:22.960",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-18T14:15:12.377",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-09-02 17:15

Modified

2024-11-21 05:50

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

URL	Tags
cybersecurity@se.com	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07	Not Applicable
nvd@nist.gov	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07	Not Applicable

Impacted products

Vendor	Product	Version
schneider-electric	modicon_m340_bmxp341000	-
schneider-electric	modicon_m340_bmxp342010	-
schneider-electric	modicon_m340_bmxp342020	-
schneider-electric	modicon_m340_bmxp342030	-
schneider-electric	modicon_m580_bmeh582040	-
schneider-electric	modicon_m580_bmeh582040c	-
schneider-electric	modicon_m580_bmeh582040s	-
schneider-electric	modicon_m580_bmeh584040	-
schneider-electric	modicon_m580_bmeh584040c	-
schneider-electric	modicon_m580_bmeh584040s	-
schneider-electric	modicon_m580_bmeh586040	-
schneider-electric	modicon_m580_bmeh586040c	-
schneider-electric	modicon_m580_bmeh586040s	-
schneider-electric	modicon_m580_bmep581020	-
schneider-electric	modicon_m580_bmep581020h	-
schneider-electric	modicon_m580_bmep582020	-
schneider-electric	modicon_m580_bmep582020h	-
schneider-electric	modicon_m580_bmep582040	-
schneider-electric	modicon_m580_bmep582040h	-
schneider-electric	modicon_m580_bmep582040s	-
schneider-electric	modicon_m580_bmep583020	-
schneider-electric	modicon_m580_bmep583040	-
schneider-electric	modicon_m580_bmep584020	-
schneider-electric	modicon_m580_bmep584040	-
schneider-electric	modicon_m580_bmep584040s	-
schneider-electric	modicon_m580_bmep585040	-
schneider-electric	modicon_m580_bmep585040c	-
schneider-electric	modicon_m580_bmep586040	-
schneider-electric	modicon_m580_bmep586040c	-
schneider-electric	modicon_mc80_bmkc8020301	-
schneider-electric	modicon_mc80_bmkc8020310	-
schneider-electric	modicon_mc80_bmkc8030311	-
schneider-electric	modicon_momentum_171cbu78090	-
schneider-electric	modicon_momentum_171cbu98090	-
schneider-electric	modicon_momentum_171cbu98091	-
schneider-electric	modicon_premium_tsxp57_1634m	-
schneider-electric	modicon_premium_tsxp57_2634m	-
schneider-electric	modicon_premium_tsxp57_2834m	-
schneider-electric	modicon_premium_tsxp57_454m	-
schneider-electric	modicon_premium_tsxp57_4634m	-
schneider-electric	modicon_premium_tsxp57_554m	-
schneider-electric	modicon_premium_tsxp57_5634m	-
schneider-electric	modicon_premium_tsxp57_6634m	-
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	plc_simulator_for_ecostruxure_control_expert	-
schneider-electric	plc_simulator_for_ecostruxure_process_expert	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "Una CWE-476: Una vulnerabilidad de Desreferencia de Puntero NULL que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* and BMEH*, todas las versiones), Modicon M340 CPU (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), Modicon Momentum Ethernet CPU (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator para EcoStruxure\u00aa Control Expert, incluidas todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator para EcoStruxure\u00aa Process Expert, incluidas todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22792",
  "lastModified": "2024-11-21T05:50:40.770",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.343",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-11-18 14:15

Modified

2024-11-21 05:37

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.

References

▼	URL	Tags
	cybersecurity@se.com	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	Vendor Advisory

Impacted products

Vendor	Product	Version
schneider-electric	modicon_tsxety4103_firmware	*
schneider-electric	modicon_tsxety4103	-
schneider-electric	modicon_tsxety5103_firmware	*
schneider-electric	modicon_tsxety5103	-
schneider-electric	modicon_tsxp574634_firmware	*
schneider-electric	modicon_tsxp574634	-
schneider-electric	modicon_tsxp575634_firmware	*
schneider-electric	modicon_tsxp575634	-
schneider-electric	modicon_tsxp576634_firmware	*
schneider-electric	modicon_tsxp576634	-
schneider-electric	modicon_quantum_140noe77101_firmware	*
schneider-electric	modicon_quantum_140noe77101	-
schneider-electric	modicon_quantum_140noe77111_firmware	*
schneider-electric	modicon_quantum_140noe77111	-
schneider-electric	modicon_quantum_140noc78100_firmware	*
schneider-electric	modicon_quantum_140noc78100	-
schneider-electric	modicon_quantum_140cpu65150_firmware	*
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c_firmware	*
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160c_firmware	*
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	modicon_quantum_140cpu65160_firmware	*
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_m340_bmx_p34-2010_firmware	*
schneider-electric	modicon_m340_bmx_p34-2010	-
schneider-electric	modicon_m340_bmx_p34-2030_firmware	*
schneider-electric	modicon_m340_bmx_p34-2030	-
schneider-electric	modicon_m340_bmx_noc_0401_firmware	*
schneider-electric	modicon_m340_bmx_noc_0401	-
schneider-electric	modicon_m340_bmx_noe_0100_firmware	*
schneider-electric	modicon_m340_bmx_noe_0100	-
schneider-electric	modicon_m340_bmx_noe_0100h_firmware	*
schneider-electric	modicon_m340_bmx_noe_0100h	-
schneider-electric	modicon_m340_bmx_noe_0110_firmware	*
schneider-electric	modicon_m340_bmx_noe_0110	-
schneider-electric	modicon_m340_bmx_noe_0110h_firmware	*
schneider-electric	modicon_m340_bmx_noe_0110h	-
schneider-electric	modicon_m340_bmx_nor_0200h_firmware	*
schneider-electric	modicon_m340_bmx_nor_0200h	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BB30B97-9E87-451D-8CE9-13A8234C64AA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7E65D97-CE1A-4A45-A0C2-19294C52E51D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "507A5F22-A607-4B1B-BCFF-FB17B27DDAA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1528A76-4289-4DF3-97A2-D37A3DF904C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "954CC47A-6118-4840-92C1-085B6A8BB3AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168A1AA-14CA-4271-9779-A8A8A894F6C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A6C886-15CD-4E65-A41C-ADB378537CEC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BB67F62-534E-4011-85EB-A854E80D5C51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A18442-8172-4611-8796-E7C6786B2D54",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56843A77-4F72-4C1E-B535-1936B98DC067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA478F7F-4F17-4B92-B2B6-66F406471579",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "820638DC-323D-4187-8468-2495C1505860",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "743CDF67-BC0B-45A4-841D-076C049913E7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C5587FE-4270-490C-BFE7-6DFC2B7AFE79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB8B2F06-7208-4B9F-8645-E615BCBC3F41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D30C1F-F8C6-4B4A-8F62-C4F5B22E485C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25D62146-B69B-4706-975A-8721B06BEE8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10D13B75-6AF9-445F-9B06-19FD678CD388",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "784CC7A2-6A89-4C53-8ED4-7A21824D2C62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7792A2-5BDB-4F33-ADB8-2D4B6309088A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90E09554-8011-4B23-8D35-61843D485DC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76270E2-D48F-4149-9A97-76F3C5749723",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "750F0C04-9948-4D0B-ADF3-1A8F5EEE1DCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA6EC11-5E37-4534-908F-D3424AE01C79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noc_0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C493290F-1375-4C2B-BCCC-A12D4FDFE8AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noc_0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B8A86F-B257-49D9-AB43-3B9A28B543BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B8C54D9-2E50-4271-98A4-865991AAA4CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A486F8-6C88-43FA-B3BB-CE4AAFE9F5D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB39549A-8ACF-447D-A13A-A124AF25889E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BDFEB0-C3B6-4329-A663-7EAA9124249F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D579C2-65B6-4602-862A-2EE9F89AE239",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE415EC8-0F4B-4B21-8D10-91AFAA6DA4A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D51906B0-8DC5-4393-9331-5A66F8A51801",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4688DE1-369B-4726-8492-3FB65C682646",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_nor_0200h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B853AA-1A4C-4AA1-91C0-60A88DA27107",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_nor_0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F283DEA-90D9-4EA5-9A1E-E62BE704D620",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP."
    },
    {
      "lang": "es",
      "value": "CWE-787: Una vulnerabilidad de escritura fuera de l\u00edmites se presenta en el Servidor Web de unas ofertas de Modicon M340, Modicon Quantum y Modicon Premium Legacy y sus M\u00f3dulos de Comunicaci\u00f3n (v\u00e9ase la notificaci\u00f3n para m\u00e1s detalles) que podr\u00eda causar una corrupci\u00f3n de datos, un bloqueo o una ejecuci\u00f3n de c\u00f3digo al cargar un archivo especialmente dise\u00f1ado en el controlador por medio de FTP"
    }
  ],
  "id": "CVE-2020-7563",
  "lastModified": "2024-11-21T05:37:23.093",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-18T14:15:13.017",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2020-11-18 14:15

Modified

2024-11-21 05:37

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP.

References

▼	URL	Tags
	cybersecurity@se.com	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	Vendor Advisory

Impacted products

Vendor	Product	Version
schneider-electric	modicon_tsxety4103_firmware	*
schneider-electric	modicon_tsxety4103	-
schneider-electric	modicon_tsxety5103_firmware	*
schneider-electric	modicon_tsxety5103	-
schneider-electric	modicon_tsxp574634_firmware	*
schneider-electric	modicon_tsxp574634	-
schneider-electric	modicon_tsxp575634_firmware	*
schneider-electric	modicon_tsxp575634	-
schneider-electric	modicon_tsxp576634_firmware	*
schneider-electric	modicon_tsxp576634	-
schneider-electric	modicon_quantum_140noe77101_firmware	*
schneider-electric	modicon_quantum_140noe77101	-
schneider-electric	modicon_quantum_140noe77111_firmware	*
schneider-electric	modicon_quantum_140noe77111	-
schneider-electric	modicon_quantum_140noc78100_firmware	*
schneider-electric	modicon_quantum_140noc78100	-
schneider-electric	modicon_quantum_140cpu65150_firmware	*
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c_firmware	*
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160c_firmware	*
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	modicon_quantum_140cpu65160_firmware	*
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_m340_bmx_p34-2010_firmware	*
schneider-electric	modicon_m340_bmx_p34-2010	-
schneider-electric	modicon_m340_bmx_p34-2030_firmware	*
schneider-electric	modicon_m340_bmx_p34-2030	-
schneider-electric	modicon_m340_bmx_noc_0401_firmware	*
schneider-electric	modicon_m340_bmx_noc_0401	-
schneider-electric	modicon_m340_bmx_noe_0100_firmware	*
schneider-electric	modicon_m340_bmx_noe_0100	-
schneider-electric	modicon_m340_bmx_noe_0100h_firmware	*
schneider-electric	modicon_m340_bmx_noe_0100h	-
schneider-electric	modicon_m340_bmx_noe_0110_firmware	*
schneider-electric	modicon_m340_bmx_noe_0110	-
schneider-electric	modicon_m340_bmx_noe_0110h_firmware	*
schneider-electric	modicon_m340_bmx_noe_0110h	-
schneider-electric	modicon_m340_bmx_nor_0200h_firmware	*
schneider-electric	modicon_m340_bmx_nor_0200h	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxety4103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8BB30B97-9E87-451D-8CE9-13A8234C64AA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxety4103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7E65D97-CE1A-4A45-A0C2-19294C52E51D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxety5103_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "507A5F22-A607-4B1B-BCFF-FB17B27DDAA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxety5103:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1528A76-4289-4DF3-97A2-D37A3DF904C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp574634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "954CC47A-6118-4840-92C1-085B6A8BB3AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp574634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F168A1AA-14CA-4271-9779-A8A8A894F6C1",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp575634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "58A6C886-15CD-4E65-A41C-ADB378537CEC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp575634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BB67F62-534E-4011-85EB-A854E80D5C51",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_tsxp576634_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6A18442-8172-4611-8796-E7C6786B2D54",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_tsxp576634:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "56843A77-4F72-4C1E-B535-1936B98DC067",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77101_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA478F7F-4F17-4B92-B2B6-66F406471579",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "820638DC-323D-4187-8468-2495C1505860",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "743CDF67-BC0B-45A4-841D-076C049913E7",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C5587FE-4270-490C-BFE7-6DFC2B7AFE79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noc78100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB8B2F06-7208-4B9F-8645-E615BCBC3F41",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D30C1F-F8C6-4B4A-8F62-C4F5B22E485C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "25D62146-B69B-4706-975A-8721B06BEE8E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "10D13B75-6AF9-445F-9B06-19FD678CD388",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "784CC7A2-6A89-4C53-8ED4-7A21824D2C62",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7792A2-5BDB-4F33-ADB8-2D4B6309088A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "90E09554-8011-4B23-8D35-61843D485DC4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76270E2-D48F-4149-9A97-76F3C5749723",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "750F0C04-9948-4D0B-ADF3-1A8F5EEE1DCB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA6EC11-5E37-4534-908F-D3424AE01C79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noc_0401_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C493290F-1375-4C2B-BCCC-A12D4FDFE8AC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noc_0401:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "00B8A86F-B257-49D9-AB43-3B9A28B543BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B8C54D9-2E50-4271-98A4-865991AAA4CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "28A486F8-6C88-43FA-B3BB-CE4AAFE9F5D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0100h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DB39549A-8ACF-447D-A13A-A124AF25889E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0100h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BDFEB0-C3B6-4329-A663-7EAA9124249F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "00D579C2-65B6-4602-862A-2EE9F89AE239",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE415EC8-0F4B-4B21-8D10-91AFAA6DA4A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_noe_0110h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D51906B0-8DC5-4393-9331-5A66F8A51801",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_noe_0110h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B4688DE1-369B-4726-8492-3FB65C682646",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_nor_0200h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "02B853AA-1A4C-4AA1-91C0-60A88DA27107",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_nor_0200h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F283DEA-90D9-4EA5-9A1E-E62BE704D620",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP."
    },
    {
      "lang": "es",
      "value": "CWE-120: Una vulnerabilidad de Copia de b\u00fafer sin Comprobar el Tama\u00f1o de la Entrada (\"Classic Buffer Overflow\") se presenta en el Servidor Web de unas ofertas de Modicon M340, Modicon Quantum y Modicon Premium Legacy y sus M\u00f3dulos de Comunicaci\u00f3n (v\u00e9ase la notificaci\u00f3n para m\u00e1s detalles) que podr\u00eda causar acceso de escritura y una ejecuci\u00f3n de comandos al cargar un archivo especialmente dise\u00f1ado en el controlador por medio de FTP"
    }
  ],
  "id": "CVE-2020-7564",
  "lastModified": "2024-11-21T05:37:23.213",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-11-18T14:15:13.363",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-120"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-09-02 17:15

Modified

2024-11-21 05:50

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

URL	Tags
cybersecurity@se.com	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06	Not Applicable
nvd@nist.gov	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06	Not Applicable

Impacted products

Vendor	Product	Version
schneider-electric	modicon_m340_bmxp341000	-
schneider-electric	modicon_m340_bmxp342010	-
schneider-electric	modicon_m340_bmxp342020	-
schneider-electric	modicon_m340_bmxp342030	-
schneider-electric	modicon_m580_bmeh582040	-
schneider-electric	modicon_m580_bmeh582040c	-
schneider-electric	modicon_m580_bmeh582040s	-
schneider-electric	modicon_m580_bmeh584040	-
schneider-electric	modicon_m580_bmeh584040c	-
schneider-electric	modicon_m580_bmeh584040s	-
schneider-electric	modicon_m580_bmeh586040	-
schneider-electric	modicon_m580_bmeh586040c	-
schneider-electric	modicon_m580_bmeh586040s	-
schneider-electric	modicon_m580_bmep581020	-
schneider-electric	modicon_m580_bmep581020h	-
schneider-electric	modicon_m580_bmep582020	-
schneider-electric	modicon_m580_bmep582020h	-
schneider-electric	modicon_m580_bmep582040	-
schneider-electric	modicon_m580_bmep582040h	-
schneider-electric	modicon_m580_bmep582040s	-
schneider-electric	modicon_m580_bmep583020	-
schneider-electric	modicon_m580_bmep583040	-
schneider-electric	modicon_m580_bmep584020	-
schneider-electric	modicon_m580_bmep584040	-
schneider-electric	modicon_m580_bmep584040s	-
schneider-electric	modicon_m580_bmep585040	-
schneider-electric	modicon_m580_bmep585040c	-
schneider-electric	modicon_m580_bmep586040	-
schneider-electric	modicon_m580_bmep586040c	-
schneider-electric	modicon_mc80_bmkc8020301	-
schneider-electric	modicon_mc80_bmkc8020310	-
schneider-electric	modicon_mc80_bmkc8030311	-
schneider-electric	modicon_momentum_171cbu78090	-
schneider-electric	modicon_momentum_171cbu98090	-
schneider-electric	modicon_momentum_171cbu98091	-
schneider-electric	modicon_premium_tsxp57_1634m	-
schneider-electric	modicon_premium_tsxp57_2634m	-
schneider-electric	modicon_premium_tsxp57_2834m	-
schneider-electric	modicon_premium_tsxp57_454m	-
schneider-electric	modicon_premium_tsxp57_4634m	-
schneider-electric	modicon_premium_tsxp57_554m	-
schneider-electric	modicon_premium_tsxp57_5634m	-
schneider-electric	modicon_premium_tsxp57_6634m	-
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	plc_simulator_for_ecostruxure_control_expert	-
schneider-electric	plc_simulator_for_ecostruxure_process_expert	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "Una CWE-787: Una vulnerabilidad de Escritura Fuera de L\u00edmites que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* y BMEH*, todas las versiones), Modicon M340 CPU (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), Modicon Momentum Ethernet CPU (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator para EcoStruxure\u00aa Control Expert, incluidas todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator para EcoStruxure\u00aa Process Expert, incluidas todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22791",
  "lastModified": "2024-11-21T05:50:40.647",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.290",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2022-11-22 12:15

Modified

2024-11-21 07:14

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)

References

▼	URL	Tags
	cybersecurity@se.com	https://www.se.com/us/en/download/document/SEVD-2022-221-02/	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.se.com/us/en/download/document/SEVD-2022-221-02/	Vendor Advisory

Impacted products

Vendor	Product	Version
schneider-electric	modicon_m340_bmx_p34-2010_firmware	*
schneider-electric	modicon_m340_bmx_p34-2010	-
schneider-electric	modicon_m340_bmx_p34-2030_firmware	*
schneider-electric	modicon_m340_bmx_p34-2030	-
schneider-electric	modicon_m580_bmeh582040_firmware	*
schneider-electric	modicon_m580_bmeh582040	-
schneider-electric	modicon_m580_bmeh582040c_firmware	*
schneider-electric	modicon_m580_bmeh582040c	-
schneider-electric	modicon_m580_bmeh582040s_firmware	*
schneider-electric	modicon_m580_bmeh582040s	-
schneider-electric	modicon_m580_bmeh584040_firmware	*
schneider-electric	modicon_m580_bmeh584040	-
schneider-electric	modicon_m580_bmeh584040c_firmware	*
schneider-electric	modicon_m580_bmeh584040c	-
schneider-electric	modicon_m580_bmeh584040s_firmware	*
schneider-electric	modicon_m580_bmeh584040s	-
schneider-electric	modicon_m580_bmeh586040_firmware	*
schneider-electric	modicon_m580_bmeh586040	-
schneider-electric	modicon_m580_bmeh586040c_firmware	*
schneider-electric	modicon_m580_bmeh586040c	-
schneider-electric	modicon_m580_bmeh586040s_firmware	*
schneider-electric	modicon_m580_bmeh586040s	-
schneider-electric	modicon_m580_bmep581020_firmware	*
schneider-electric	modicon_m580_bmep581020	-
schneider-electric	modicon_m580_bmep581020h_firmware	*
schneider-electric	modicon_m580_bmep581020h	-
schneider-electric	modicon_m580_bmep582020_firmware	*
schneider-electric	modicon_m580_bmep582020	-
schneider-electric	modicon_m580_bmep582020h_firmware	*
schneider-electric	modicon_m580_bmep582020h	-
schneider-electric	modicon_m580_bmep582040_firmware	*
schneider-electric	modicon_m580_bmep582040	-
schneider-electric	modicon_m580_bmep582040h_firmware	*
schneider-electric	modicon_m580_bmep582040h	-
schneider-electric	modicon_m580_bmep582040s_firmware	*
schneider-electric	modicon_m580_bmep582040s	-
schneider-electric	modicon_m580_bmep583020_firmware	*
schneider-electric	modicon_m580_bmep583020	-
schneider-electric	modicon_m580_bmep583040_firmware	*
schneider-electric	modicon_m580_bmep583040	-
schneider-electric	modicon_m580_bmep584020_firmware	*
schneider-electric	modicon_m580_bmep584020	-
schneider-electric	modicon_m580_bmep584040_firmware	*
schneider-electric	modicon_m580_bmep584040	-
schneider-electric	modicon_m580_bmep584040s_firmware	*
schneider-electric	modicon_m580_bmep584040s	-
schneider-electric	modicon_m580_bmep585040_firmware	*
schneider-electric	modicon_m580_bmep585040	-
schneider-electric	modicon_m580_bmep585040c_firmware	*
schneider-electric	modicon_m580_bmep585040c	-
schneider-electric	modicon_m580_bmep586040_firmware	*
schneider-electric	modicon_m580_bmep586040	-
schneider-electric	modicon_m580_bmep586040c_firmware	*
schneider-electric	modicon_m580_bmep586040c	-
schneider-electric	modicon_mc80_bmkc8020301_firmware	*
schneider-electric	modicon_mc80_bmkc8020301	-
schneider-electric	modicon_mc80_bmkc8020310_firmware	*
schneider-electric	modicon_mc80_bmkc8020310	-
schneider-electric	modicon_mc80_bmkc8030311_firmware	*
schneider-electric	modicon_mc80_bmkc8030311	-
schneider-electric	modicon_momentum_171cbu78090_firmware	-
schneider-electric	modicon_momentum_171cbu78090	-
schneider-electric	modicon_momentum_171cbu98090_firmware	-
schneider-electric	modicon_momentum_171cbu98090	-
schneider-electric	modicon_momentum_171cbu98091_firmware	-
schneider-electric	modicon_momentum_171cbu98091	-
schneider-electric	modicon_premium_tsxp57_1634m_firmware	-
schneider-electric	modicon_premium_tsxp57_1634m	-
schneider-electric	modicon_premium_tsxp57_2634m_firmware	-
schneider-electric	modicon_premium_tsxp57_2634m	-
schneider-electric	modicon_premium_tsxp57_2834m_firmware	-
schneider-electric	modicon_premium_tsxp57_2834m	-
schneider-electric	modicon_premium_tsxp57_454m_firmware	-
schneider-electric	modicon_premium_tsxp57_454m	-
schneider-electric	modicon_premium_tsxp57_4634m_firmware	-
schneider-electric	modicon_premium_tsxp57_4634m	-
schneider-electric	modicon_premium_tsxp57_554m_firmware	-
schneider-electric	modicon_premium_tsxp57_554m	-
schneider-electric	modicon_premium_tsxp57_5634m_firmware	-
schneider-electric	modicon_premium_tsxp57_5634m	-
schneider-electric	modicon_premium_tsxp57_6634m_firmware	-
schneider-electric	modicon_premium_tsxp57_6634m	-
schneider-electric	modicon_quantum_140cpu65150_firmware	-
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c_firmware	-
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160_firmware	-
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_quantum_140cpu65160c_firmware	-
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	modicon_quantum_140noc78100_firmware	-
schneider-electric	modicon_quantum_140noc78100	-
schneider-electric	modicon_quantum_140noe77101_firmware	-
schneider-electric	modicon_quantum_140noe77101	-
schneider-electric	modicon_quantum_140noe77111_firmware	-
schneider-electric	modicon_quantum_140noe77111	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2010_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF6EFD0B-1D69-40D0-B7B9-C46FD8E9DF40",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A76270E2-D48F-4149-9A97-76F3C5749723",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m340_bmx_p34-2030_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0140B9B8-8D02-4758-A5A9-2B14B3CBB3DF",
              "versionEndExcluding": "3.50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmx_p34-2030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7FA6EC11-5E37-4534-908F-D3424AE01C79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4DB31C8-0E2D-4EAC-B8AD-260D7B4E53D9",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A275FCA0-55B9-4CA6-96E4-A57CEF0F8316",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9098867D-6A2B-42C4-9C35-16AC5030DA70",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AED19071-C1B3-4633-80D7-62E4209B573A",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFF5BD50-38B3-4CF8-9550-8C1895F23D81",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F959D278-C7A8-4E8C-ADB8-3254B380E409",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DF67EAC-9D48-42F7-A9F4-BAEAAB746881",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A8D2EF1-81D5-4801-AFBF-1CB9122DFEC6",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmeh586040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "97EDAD5F-561F-4F3C-9718-3B8B8A5404F5",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FFA2751-CA21-48C3-9DD0-DF2870EB1375",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep581020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD59535C-EBC2-4775-9147-41045F091638",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "94EE3F37-836D-4872-8DBE-77E5C1E9FB6B",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582020h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A045D3A4-237E-469F-9037-585471F8C44F",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB09E64C-072A-4610-88BC-D566862659D5",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040h_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBD04E1-55EE-4887-A098-0F1DD35B068E",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep582040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "62FE2B68-6D92-45C2-9E75-C779E831ADB8",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F95EA094-64BE-431E-8F6E-5430627C4006",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep583040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "123B1BB8-86B8-4CE3-9B61-DFADA5BC9C3D",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584020_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "24DC160B-78A9-4CD6-9AC2-5806E93AAE80",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "690ADE34-3955-4167-8AF7-B64B9B95E9BC",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep584040s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38E5A8DC-94EA-4436-A252-9E803248EB8C",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D50A27C4-73B8-4883-893D-A81F8300D1BD",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep585040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "485C5EE3-4455-4D49-B03E-A7B21CCF9D44",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E7E0E8A-2189-48A7-9B6B-3FC7CDDC0F74",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_m580_bmep586040c_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53FD731-D404-43DF-8990-8F17F2E13F94",
              "versionEndExcluding": "4.01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020301_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B29E8197-8592-404D-A133-A3B5AC423F34",
              "versionEndExcluding": "1.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8020310_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D821580-8AFC-40F1-B1E5-6C9EF2C17728",
              "versionEndExcluding": "1.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_mc80_bmkc8030311_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "833A8209-9A7B-4CC7-9BBA-125ABC05AC48",
              "versionEndExcluding": "1.8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu78090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B26E867-5C0E-413E-B733-6865347C2140",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98090_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA5F1B5-FEC3-458B-B411-AC19E90E2973",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_momentum_171cbu98091_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "49247DB1-4B53-480B-B7BB-A0E37613E3D2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_1634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5D930A5-787A-48FD-BFA2-4D1BC70C9224",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "80937C5F-5962-46D3-8BA2-1650CAC6DC0C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_2834m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "695475B9-A4A4-4218-8D21-71797A0F1F10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_454m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B787E978-0842-4385-9ADD-6CA947A6F697",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_4634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1788D10E-11FB-4EF1-9B57-89A2EF3A4576",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_554m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C613326A-E313-4B3F-ADF7-128B3A904422",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_5634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8AC92C16-6212-4D20-B478-98D538C2FCCF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_premium_tsxp57_6634m_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "72F0A61F-37A4-43C9-BC78-296C9AF08341",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF686D3D-B614-41D1-A023-3DA76B296601",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65150c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "520D0A9C-ACC9-4FDD-93F5-DD807BA3C4DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1BF8361-6FA9-46A1-93B3-3CC269935F50",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140cpu65160c_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8B77E0F-CC13-42B6-AF46-556FB02BA4CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noc78100_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "100EF6DF-31D9-4942-8C1D-093A98A50B12",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noc78100:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "41D30C1F-F8C6-4B4A-8F62-C4F5B22E485C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77101_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F92A60EA-6BBF-4AEE-9996-3570E3DCD60D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77101:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "820638DC-323D-4187-8468-2495C1505860",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:schneider-electric:modicon_quantum_140noe77111_firmware:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "26DB16A6-2F84-487C-B061-6EFF81A3673C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140noe77111:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C5587FE-4270-490C-BFE7-6DFC2B7AFE79",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)"
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad CWE-191: Integer Underflow (Wrap o Wraparound) que podr\u00eda causar una Denegaci\u00f3n de Servicio (DoS) del controlador debido a violaciones de acceso a la memoria cuando se utiliza el protocolo Modbus TCP. Productos afectados: CPU Modicon M340 (n\u00fameros de pieza BMXP34*)(V3.40 y anteriores), CPU Modicon M580 (n\u00fameros de pieza BMEP* y BMEH*)(V3.22 y anteriores), Modicon Quantum/Premium heredado (todas las versiones), Modicon Momentum MDI (171CBU*)(todas las versiones), Modicon MC80 (BMKC80)(V1.7 y anteriores)"
    }
  ],
  "id": "CVE-2022-37301",
  "lastModified": "2024-11-21T07:14:42.730",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "cybersecurity@se.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-11-22T12:15:09.927",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-191"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2021-09-02 17:15

Modified

2024-11-21 05:50

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

URL	Tags
cybersecurity@se.com	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05	Not Applicable
nvd@nist.gov	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05	Not Applicable

Impacted products

Vendor	Product	Version
schneider-electric	modicon_m340_bmxp341000	-
schneider-electric	modicon_m340_bmxp342010	-
schneider-electric	modicon_m340_bmxp342020	-
schneider-electric	modicon_m340_bmxp342030	-
schneider-electric	modicon_m580_bmeh582040	-
schneider-electric	modicon_m580_bmeh582040c	-
schneider-electric	modicon_m580_bmeh582040s	-
schneider-electric	modicon_m580_bmeh584040	-
schneider-electric	modicon_m580_bmeh584040c	-
schneider-electric	modicon_m580_bmeh584040s	-
schneider-electric	modicon_m580_bmeh586040	-
schneider-electric	modicon_m580_bmeh586040c	-
schneider-electric	modicon_m580_bmeh586040s	-
schneider-electric	modicon_m580_bmep581020	-
schneider-electric	modicon_m580_bmep581020h	-
schneider-electric	modicon_m580_bmep582020	-
schneider-electric	modicon_m580_bmep582020h	-
schneider-electric	modicon_m580_bmep582040	-
schneider-electric	modicon_m580_bmep582040h	-
schneider-electric	modicon_m580_bmep582040s	-
schneider-electric	modicon_m580_bmep583020	-
schneider-electric	modicon_m580_bmep583040	-
schneider-electric	modicon_m580_bmep584020	-
schneider-electric	modicon_m580_bmep584040	-
schneider-electric	modicon_m580_bmep584040s	-
schneider-electric	modicon_m580_bmep585040	-
schneider-electric	modicon_m580_bmep585040c	-
schneider-electric	modicon_m580_bmep586040	-
schneider-electric	modicon_m580_bmep586040c	-
schneider-electric	modicon_mc80_bmkc8020301	-
schneider-electric	modicon_mc80_bmkc8020310	-
schneider-electric	modicon_mc80_bmkc8030311	-
schneider-electric	modicon_momentum_171cbu78090	-
schneider-electric	modicon_momentum_171cbu98090	-
schneider-electric	modicon_momentum_171cbu98091	-
schneider-electric	modicon_premium_tsxp57_1634m	-
schneider-electric	modicon_premium_tsxp57_2634m	-
schneider-electric	modicon_premium_tsxp57_2834m	-
schneider-electric	modicon_premium_tsxp57_454m	-
schneider-electric	modicon_premium_tsxp57_4634m	-
schneider-electric	modicon_premium_tsxp57_554m	-
schneider-electric	modicon_premium_tsxp57_5634m	-
schneider-electric	modicon_premium_tsxp57_6634m	-
schneider-electric	modicon_quantum_140cpu65150	-
schneider-electric	modicon_quantum_140cpu65150c	-
schneider-electric	modicon_quantum_140cpu65160	-
schneider-electric	modicon_quantum_140cpu65160c	-
schneider-electric	plc_simulator_for_ecostruxure_control_expert	-
schneider-electric	plc_simulator_for_ecostruxure_process_expert	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp341000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "178D2338-E48E-493C-992F-337AACE794DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342010:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "833B2455-5D39-4457-9D6F-0CD738A2EB02",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "99F2F851-C18F-4CB8-B47C-516F2AC7955D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m340_bmxp342030:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E472ABB0-5556-4B96-9CEF-2180E24FA7FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F484F8BB-60B5-4045-92C3-0C2A0CD4107E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4F0F823-89EA-451D-81DC-07AACA039371",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "610AE743-9FD1-4149-AD45-3B1DAE268BF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "77116949-1141-432D-964B-29A759939E8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6CE23A2-09CC-4417-A45F-63BCA66C4DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "97AAD857-95C0-4AE3-8510-CB306E8293F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "07E2FB94-F402-4CF0-BE35-574C1C6528BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E776EE9-A662-4068-A61A-62CAE23C87F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmeh586040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D53BD038-D594-41FF-B3EF-3365C5432AD0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2317F260-7AA2-4178-B468-03DF36223E26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep581020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D7DDC42-37A1-43B0-AD46-2E0D098564BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "765E4FEE-255E-4C47-824A-5661B84B490B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582020h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1FEA377-3C45-4F88-B233-088A24BD0771",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCCDD6D-35CE-4680-8B0C-86584B1D8958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040h:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "68FD5968-C522-4231-A98C-93D3101B6148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep582040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C02B27F6-B8CF-4D3B-9DA6-054F540EA6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBC38FF1-693E-4899-883C-1B7B80A52F2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep583040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "002E7F33-6729-4C35-9DDA-7D8383BD5668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584020:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "47DFEBAC-2F1D-4870-8425-2199BF80B425",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4A1DF2-FF4C-4DBE-BF74-6A4A09E3DECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep584040s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6222C1F8-BE52-4666-B7F5-2E8BBC214F70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5376D9F4-8AFB-4909-A11B-33C54C4220DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep585040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CADB178B-FEFD-48A9-B155-0E8F6D490229",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B3C1879-269B-47EB-891B-EF2E90C911D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_m580_bmep586040c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5771A1A5-3DAF-4869-A24F-F9B0A38B5DA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020301:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "62B3CEFA-BCF8-4305-B81A-980AA1352515",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8020310:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C1A9EE4-9564-45F6-8CF8-1A820E469B41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_mc80_bmkc8030311:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "026D5E27-E50D-4614-A3EB-C54150C85572",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu78090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B765DF6-1D0A-4191-9AD7-250A7EB691BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98090:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "67152082-E085-4111-98BA-6E9EF14ADB91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_momentum_171cbu98091:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD68FC34-691B-406E-A59D-2596215AE314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_1634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB98E7F1-DD61-47F5-A6BB-18D75FDFAB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "39E46898-7206-45C1-9A93-729B5905EF38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_2834m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97A89AF-103A-4D2A-9EAF-42CEC88A2BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_454m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "32B611B6-1138-40DF-848A-A4A10E1DB0F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_4634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF901CCB-1BC4-4EDA-A3D7-ED7523128EAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_554m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4479C318-EE74-4338-B172-EC13D4D62246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_5634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "98A25B72-B3A9-4717-8AA9-B164226DF9D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_premium_tsxp57_6634m:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "889E9E8B-688E-420E-9A99-AB64BA7ABCDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E3446A5-69F7-4270-93E2-CD5614970698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65150c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "08FE0C5D-3132-48AD-92EB-B7C4277C1FAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD3F1B7C-7972-463E-930E-F359A402DAF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:modicon_quantum_140cpu65160c:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC9D2D4D-558B-424E-AB04-429C83F06DB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_control_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A63ECFF-261A-4C39-964E-CBC4B97147DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:schneider-electric:plc_simulator_for_ecostruxure_process_expert:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B722F22-2CEB-426B-9615-DD3B73A671F4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
    },
    {
      "lang": "es",
      "value": "UN CWE-125: Una vulnerabilidad de Lectura Fuera de L\u00edmites que podr\u00eda causar una Denegaci\u00f3n de Servicio en el controlador/simulador del PLC Modicon cuando se actualiza la aplicaci\u00f3n del controlador con un archivo de proyecto especialmente dise\u00f1ado se presenta en Modicon M580 CPU (n\u00fameros de pieza BMEP* y BMEH*, todas las versiones), CPU Modicon M340 (n\u00fameros de pieza BMXP34*, todas las versiones), Modicon MC80 (n\u00fameros de pieza BMKC80*, todas las versiones), CPU Modicon Momentum Ethernet (n\u00fameros de pieza 171CBU*, todas las versiones), PLC Simulator for EcoStruxure\u00aa Control Expert, incluyendo todas las versiones Unity Pro (antiguo nombre de EcoStruxure\u00aa Control Expert, todas las versiones), PLC Simulator for EcoStruxure\u00aa Process Expert incluyendo todas las versiones HDCS (antiguo nombre de EcoStruxure\u00aa Process Expert, todas las versiones), Modicon Quantum CPU (n\u00fameros de pieza 140CPU*, todas las versiones), Modicon Premium CPU (n\u00fameros de pieza TSXP5*, todas las versiones)"
    }
  ],
  "id": "CVE-2021-22790",
  "lastModified": "2024-11-21T05:50:40.513",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-09-02T17:15:08.237",
  "references": [
    {
      "source": "cybersecurity@se.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
    },
    {
      "source": "nvd@nist.gov",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
    }
  ],
  "sourceIdentifier": "cybersecurity@se.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "cybersecurity@se.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2022-37301

Vulnerability from cvelistv5

Published

2022-11-22 00:00

Modified

2024-08-03 10:29

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)

References

▼	URL	Tags
	https://www.se.com/us/en/download/document/SEVD-2022-221-02/

Impacted products

Vendor

Product

Version

▼

Schneider Electric

Modicon M340 CPU (part numbers BMXP34*)

Version: V <

Schneider Electric	Modicon M580 CPU (part numbers BMEP* and BMEH*)	Version: V <
Schneider Electric	Legacy Modicon Quantum/Premium	Version: All Versions
Schneider Electric	Modicon Momentum MDI (171CBU*)	Version: All Versions
Schneider Electric	Modicon MC80 (BMKC80)	Version: V <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:29:20.468Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M340 CPU (part numbers BMXP34*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThanOrEqual": "3.40",
              "status": "affected",
              "version": "V",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThanOrEqual": "3.22",
              "status": "affected",
              "version": "V",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Legacy Modicon Quantum/Premium",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All  Versions"
            }
          ]
        },
        {
          "product": "Modicon Momentum MDI (171CBU*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All  Versions"
            }
          ]
        },
        {
          "product": "Modicon MC80 (BMKC80)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "lessThanOrEqual": "1.7",
              "status": "affected",
              "version": "V",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-191: Integer Underflow (Wrap or Wraparound) vulnerability exists that could cause a denial of service of the controller due to memory access violations when using the Modbus TCP protocol. Affected products: Modicon M340 CPU (part numbers BMXP34*)(V3.40 and prior), Modicon M580 CPU (part numbers BMEP* and BMEH*)(V3.22 and prior), Legacy Modicon Quantum/Premium(All Versions), Modicon Momentum MDI (171CBU*)(All Versions), Modicon MC80 (BMKC80)(V1.7 and prior)"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "CWE-191 Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-11-22T00:00:00",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://www.se.com/us/en/download/document/SEVD-2022-221-02/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2022-37301",
    "datePublished": "2022-11-22T00:00:00",
    "dateReserved": "2022-08-01T00:00:00",
    "dateUpdated": "2024-08-03T10:29:20.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7562

Vulnerability from cvelistv5

Published

2020-11-18 13:54

Modified

2024-08-04 09:33

Severity ?

Summary

A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP.

References

▼	URL	Tags
	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)	Version: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.944Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-Bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-18T13:54:32",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7562",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125: Out-of-Bounds Read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7562",
    "datePublished": "2020-11-18T13:54:32",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.944Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7564

Vulnerability from cvelistv5

Published

2020-11-18 13:51

Modified

2024-08-04 09:33

Severity ?

Summary

A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP.

References

▼	URL	Tags
	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)	Version: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.905Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-18T13:51:16",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7564",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027) vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7564",
    "datePublished": "2020-11-18T13:51:16",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.905Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22792

Vulnerability from cvelistv5

Published

2021-09-02 16:53

Modified

2024-08-03 18:51

Severity ?

Summary

A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

▼	URL	Tags
	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)	Version: Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:53:00",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22792",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-476: NULL Pointer Dereference vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-476: NULL Pointer Dereference"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-07"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22792",
    "datePublished": "2021-09-02T16:53:00",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2022-45788

Vulnerability from cvelistv5

Published

2023-01-30 00:00

Modified

2025-02-05 20:07

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality & integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)

References

▼	URL	Tags
	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf

Impacted products

Vendor

Product

Version

▼

Schneider Electric

EcoStruxure Control Expert

Version: All Versions

Schneider Electric	EcoStruxure Process Expert	Version: All Versions
Schneider Electric	Modicon M340 CPU (part numbers BMXP34*)	Version: All Versions
Schneider Electric	Modicon M580 CPU (part numbers BMEP* and BMEH*)	Version: All Versions
Schneider Electric	Modicon M580 CPU Safety (part numbers BMEP58S and BMEH58S)	Version: All Versions
Schneider Electric	Modicon Momentum Unity M1E Processor (171CBU*)	Version: All Versions
Schneider Electric	Modicon MC80 (BMKC80)	Version: All Versions
Schneider Electric	Legacy Modicon Quantum (140CPU65) and Premium CPUs (TSXP57)	Version: All Versions

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:17:04.131Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-45788",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T19:52:24.602959Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-05T20:07:14.882Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Control Expert ",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "EcoStruxure Process Expert",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M340 CPU (part numbers BMXP34*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*) ",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon M580 CPU Safety (part numbers BMEP58*S and BMEH58*S)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon Momentum Unity M1E Processor (171CBU*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Modicon MC80 (BMKC80)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "Legacy Modicon Quantum (140CPU65*) and Premium CPUs (TSXP57*)",
          "vendor": "Schneider Electric",
          "versions": [
            {
              "status": "affected",
              "version": "All Versions"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026amp; integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\u003c/p\u003e"
            }
          ],
          "value": "A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause arbitrary code execution, denial of service and loss of confidentiality \u0026 integrity when a malicious project file is loaded onto the controller. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58*S and BMEH58*S (All Versions), Modicon Momentum Unity M1E Processor - 171CBU* (All Versions), Modicon MC80 - BMKC80 (All Versions), Legacy Modicon Quantum - 140CPU65* and Premium CPUs - TSXP57* (All Versions)\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-08-09T13:43:07.202Z",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-010-05\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2023-010-05_Modicon_Controllers_Security_Notification.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2022-45788",
    "datePublished": "2023-01-30T00:00:00.000Z",
    "dateReserved": "2022-11-22T00:00:00.000Z",
    "dateUpdated": "2025-02-05T20:07:14.882Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22791

Vulnerability from cvelistv5

Published

2021-09-02 16:52

Modified

2024-08-03 18:51

Severity ?

Summary

A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

▼	URL	Tags
	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)	Version: Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.453Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787: Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:52:51",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22791",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-787: Out-of-bounds Write vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787: Out-of-bounds Write"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-06"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22791",
    "datePublished": "2021-09-02T16:52:51",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22789

Vulnerability from cvelistv5

Published

2021-09-02 16:52

Modified

2024-08-03 18:51

Severity ?

Summary

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

▼	URL	Tags
	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)	Version: Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.526Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:52:25",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22789",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-04"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22789",
    "datePublished": "2021-09-02T16:52:25",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.526Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-22790

Vulnerability from cvelistv5

Published

2021-09-02 16:52

Modified

2024-08-03 18:51

Severity ?

Summary

A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions).

References

▼	URL	Tags
	https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)	Version: Modicon M580 CPU (part numbers BMEP* and BMEH, all versions), Modicon M340 CPU (part numbers BMXP34, all versions), Modicon MC80 (part numbers BMKC80, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU, all versions), PLC Simulator for EcoStruxureª Control Expert, including all Unity Pro versions (former name of EcoStruxureª Control Expert, all versions), PLC Simulator for EcoStruxureª Process Expert including all HDCS versions (former name of EcoStruxureª Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU, all versions), Modicon Premium CPU (part numbers TSXP5, all versions)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:51:07.462Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-09-02T16:52:39",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2021-22790",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-125: Out-of-bounds Read vulnerability that could cause a Denial of Service on the Modicon PLC controller / simulator when updating the controller application with a specially crafted project file exists in Modicon M580 CPU (part numbers BMEP* and BMEH*, all versions), Modicon M340 CPU (part numbers BMXP34*, all versions), Modicon MC80 (part numbers BMKC80*, all versions), Modicon Momentum Ethernet CPU (part numbers 171CBU*, all versions), PLC Simulator for EcoStruxure\u00aa Control Expert, including all Unity Pro versions (former name of EcoStruxure\u00aa Control Expert, all versions), PLC Simulator for EcoStruxure\u00aa Process Expert including all HDCS versions (former name of EcoStruxure\u00aa Process Expert, all versions), Modicon Quantum CPU (part numbers 140CPU*, all versions), Modicon Premium CPU (part numbers TSXP5*, all versions)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125: Out-of-bounds Read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05",
              "refsource": "MISC",
              "url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-222-05"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2021-22790",
    "datePublished": "2021-09-02T16:52:39",
    "dateReserved": "2021-01-06T00:00:00",
    "dateUpdated": "2024-08-03T18:51:07.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-7563

Vulnerability from cvelistv5

Published

2020-11-18 13:50

Modified

2024-08-04 09:33

Severity ?

Summary

A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP.

References

▼	URL	Tags
	https://www.se.com/ww/en/download/document/SEVD-2020-315-01/	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)	Version: Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:33:19.765Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "CWE-787 Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-18T13:50:57",
        "orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
        "shortName": "schneider"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cybersecurity@schneider-electric.com",
          "ID": "CVE-2020-7563",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-787 Out-of-bounds Write"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/",
              "refsource": "MISC",
              "url": "https://www.se.com/ww/en/download/document/SEVD-2020-315-01/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
    "assignerShortName": "schneider",
    "cveId": "CVE-2020-7563",
    "datePublished": "2020-11-18T13:50:57",
    "dateReserved": "2020-01-21T00:00:00",
    "dateUpdated": "2024-08-04T09:33:19.765Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerabilites related to schneider-electric - modicon_quantum_140cpu65150c

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5