CPE-A0BA8A99-45F5-43D8-A575-ECCBEFE451AA Détail

CPE Details

Schneider Electric MODICON M340 BMXP342020 FIRMWARE 3.50

Vendor

schneider-electric

Product

modicon_m340_bmxp342020_firmware

Version

3.50

Created

2022-09-15
11h19 +00:00

Modifié

2022-09-15
12h27 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:3.50:::::::*

Informations

Vendor

schneider-electric

Product

modicon_m340_bmxp342020_firmware

Version

3.50

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2023-6408	2024-02-14 16h52 +00:00	CWE-924: Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability exists that could cause a denial of service and loss of confidentiality, integrity of controllers when conducting a Man in the Middle attack.	8.1	Haute
CVE-2022-45789	2023-01-31 00h00 +00:00	A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause execution of unauthorized Modbus functions on the controller when hijacking an authenticated Modbus session. Affected Products: EcoStruxure Control Expert (All Versions), EcoStruxure Process Expert (All Versions), Modicon M340 CPU - part numbers BMXP34* (All Versions), Modicon M580 CPU - part numbers BMEP* and BMEH* (All Versions), Modicon M580 CPU Safety - part numbers BMEP58S and BMEH58S (All Versions)	9.8	Critique
CVE-2020-7534	2022-02-04 21h29 +00:00	A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet (Copro): 140CPU65 (All Versions), Modicon Premium CPUs with integrated Ethernet (Copro): TSXP57 (All Versions), Modicon M340 ethernet modules: (BMXNOC0401, BMXNOE01, BMXNOR0200H) (All Versions), Modicon Quantum and Premium factory cast communication modules: (140NOE77111, 140NOC78*00, TSXETY5103, TSXETY4103) (All Versions)	8.8	Haute
CVE-2021-22779	2021-07-14 12h26 +00:00	Authentication Bypass by Spoofing vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Control Expert V15.0 SP1, EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), SCADAPack RemoteConnect for x70 (all versions), Modicon M580 CPU (all versions - part numbers BMEP* and BMEH), Modicon M340 CPU (all versions - part numbers BMXP34), that could cause unauthorized access in read and write mode to the controller by spoofing the Modbus communication between the engineering software and the controller.	9.1	Critique

Schneider Electric MODICON M340 BMXP342020 FIRMWARE 3.50

CPE Details

CPE Name: cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:3.50:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:o:schneider-electric:modicon_m340_bmxp342020_firmware:3.50:::::::*