Schneider-electric

Modicon M340 Bmxp342000 Firmware

25 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-7542

  • EPSS 0.39%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of se...

5.3

CVE-2020-7541

  • EPSS 0.31%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could...

9.8

CVE-2020-7540

  • EPSS 0.31%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), ...

7.5

CVE-2020-7537

  • EPSS 0.39%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of se...

7.8

CVE-2020-7536

  • EPSS 0.48%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:20

A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prio...

7.5

CVE-2020-7535

  • EPSS 0.43%
  • Published 11.12.2020 01:15:12
  • Last modified 21.11.2024 05:37:19

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules...

9.8

CVE-2020-7533

  • EPSS 0.24%
  • Published 01.12.2020 15:15:12
  • Last modified 10.06.2025 08:15:21

CWE-287: Improper Authentication vulnerability exists which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests.

7.5

CVE-2019-6855

  • EPSS 0.19%
  • Published 06.01.2020 23:15:11
  • Last modified 21.11.2024 04:47:17

Incorrect Authorization vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20) , and Modicon M580 (all versions prior to V3.10), which could cause ...

7.5

CVE-2018-7762

  • EPSS 0.82%
  • Published 18.04.2018 20:29:00
  • Last modified 21.11.2024 04:12:41

A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.

9.8

CVE-2018-7761

  • EPSS 0.58%
  • Published 18.04.2018 20:29:00
  • Last modified 21.11.2024 04:12:41

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.