Description

A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs(BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules:BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU(BMXNOE* all versions)(BMXNOR* versions prior to v1.7 IR24)

Related CPE's

o

schneider-electric

modicon_m340_bmxp341000_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp341000

-

o

schneider-electric

modicon_m340_bmxp342000_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp342000

-

o

schneider-electric

modicon_m340_bmxp342010_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp342010

-

o

schneider-electric

modicon_m340_bmxp3420102_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp3420102

-

o

schneider-electric

modicon_m340_bmxp342020_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp342020

-

o

schneider-electric

modicon_m340_bmxp342020h_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp342020h

-

o

schneider-electric

modicon_m340_bmxp342030_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp342030

-

o

schneider-electric

modicon_m340_bmxp3420302_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp3420302

-

o

schneider-electric

modicon_m340_bmxp3420302h_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp3420302h

-

o

schneider-electric

modicon_m340_bmxp342030h_firmware

Vulnerable

h

schneider-electric

modicon_m340_bmxp342030h

-

o

schneider-electric

modicon_m340_bmxnoe0100_firmware

-

Vulnerable

h

schneider-electric

modicon_m340_bmxnoe0100

-

o

schneider-electric

modicon_m340_bmxnoe0110_firmware

-

Vulnerable

h

schneider-electric

modicon_m340_bmxnoe0110

-

o

schneider-electric

modicon_m340_bmxnoe0110h_firmware

-

Vulnerable

h

schneider-electric

modicon_m340_bmxnoe0110h

-

o

schneider-electric

modicon_m340_bmxnor0200h_firmware

-

Vulnerable

h

schneider-electric

modicon_m340_bmxnor0200h

-

References

https://www.se.com/us/en/download/document/SEVD-2022-102-02/

Vendor Advisory

https://www.se.com/us/en/download/document/SEVD-2022-102-02/

Vendor Advisory

Weaknesses

[email protected]

Secondary
CWE-269

[email protected]

Primary
CWE-269

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.5 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-11-22T12:15:10.113Z

3 years ago

Last modified

2024-11-21T05:38:10.500Z

1 year ago