8.1
CVE-2023-6408
- EPSS 0.16%
- Veröffentlicht 14.02.2024 17:15:11
- Zuletzt bearbeitet 23.01.2025 19:39:42
- Quelle cybersecurity@se.com
- Teams Watchlist Login
- Unerledigt Login
CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Schneider-electric ≫ Modicon M340 Bmxp341000 Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp341000h Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp342000 Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp342010 Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp3420102 Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp3420102cl Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp342020 Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp342020h Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp342030 Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp3420302 Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp3420302cl Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp3420302h Firmware Version < 3.60
Schneider-electric ≫ Modicon M340 Bmxp342030h Firmware Version < 3.60
Schneider-electric ≫ Modicon M580 Bmep581020 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep581020h Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep582020 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep582020h Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep582040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep582040h Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep582040s Firmware Version < 4.21
Schneider-electric ≫ Modicon M580 Bmep583020 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep583040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep584040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep584020 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep584040s Firmware Version < 4.21
Schneider-electric ≫ Modicon M580 Bmep585040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep585040c Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep586040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmep586040c Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmeh582040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmeh582040c Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmeh584040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmeh582040s Firmware Version < 4.21
Schneider-electric ≫ Modicon M580 Bmeh584040c Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmeh584040s Firmware Version < 4.21
Schneider-electric ≫ Modicon M580 Bmeh586040 Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmeh586040c Firmware Version < 4.20
Schneider-electric ≫ Modicon M580 Bmeh586040s Firmware Version < 4.21
Schneider-electric ≫ Ecostruxure Control Expert Version < 16.0
Schneider-electric ≫ Ecostruxure Process Expert Version < 2023
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.16% | 0.371 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| cybersecurity@se.com | 8.1 | 2.2 | 5.9 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-924 Improper Enforcement of Message Integrity During Transmission in a Communication Channel
The product establishes a communication channel with an endpoint and receives a message from that endpoint, but it does not sufficiently ensure that the message was not modified during transmission.