cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-12142,https://securityvulnerability.io/vulnerability/CVE-2024-12142,Sensitive Information Exposure in Schneider Electric Web Products,"A vulnerability exists within Schneider Electric’s web products that allows unauthorized users to access sensitive information. This exposure could lead to information disclosure of restricted web pages, and potentially allow modifications to such pages. In certain scenarios, the vulnerability may also result in denial of service if restricted functions are improperly invoked. It is crucial for organizations using Schneider Electric's web products to assess their security measures and address any potential risks associated with this vulnerability.",Schneider Electric,"Modicon M340 Processors (part Numbers Bmxp34*),Bmxnoe0100,Bmxnoe0110,Bmxnor0200h",8.8,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-17T10:19:11.768Z,0
CVE-2024-12476,https://securityvulnerability.io/vulnerability/CVE-2024-12476,Improper XML External Entity Handling in Schneider Electric's Web Designer Tool,"A vulnerability related to improper handling of XML external entities exists within Schneider Electric's Web Designer configuration tool. This issue arises when a specially crafted XML file is imported, potentially leading to information disclosure. The flaw could compromise workstation integrity and may allow an attacker to execute remote code on affected systems, highlighting the significance of secure XML parsing practices.",Schneider Electric,"Web Designer For Bmxnor0200h,Web Designer For Bmxnoe0110(h),Web Designer For Bmenoc0311(c),Web Designer For Bmenoc0321(c)",8.4,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-17T09:42:47.616Z,0
CVE-2022-0222,https://securityvulnerability.io/vulnerability/CVE-2022-0222,Improper Privilege Management in Modicon M340 Ethernet Communication Modules by Schneider Electric,"An improper privilege management vulnerability has been identified in Schneider Electric's Modicon M340 series, which may lead to a denial of service for Ethernet communication. The flaw allows unauthorized users to manipulate SNMP requests, disrupting the communication of the affected controller models. This vulnerability specifically impacts Modicon M340 CPUs and corresponding Ethernet communication modules, making it critical for users to review and patch affected versions.",Schneider Electric,"Modicon M340 CPUs,Modicon M340 X80 Ethernet Communication modules: BMXNOE0100 (H) BMXNOE0110 (H) BMXNOR0200H RTU",7.5,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2022-11-22T00:00:00.000Z,0
CVE-2021-22788,https://securityvulnerability.io/vulnerability/CVE-2021-22788,Out-of-bounds Write Vulnerability in Schneider Electric Modicon Products,"An out-of-bounds write vulnerability exists in Schneider Electric's Modicon products, which can be exploited by attackers to cause denial of service. By sending specially crafted HTTP requests to the affected devices, attackers may disrupt the normal operation of the web server, potentially leading to significant service downtime. This vulnerability affects various Modicon processors and communication modules, necessitating immediate attention from users to implement corrective measures.",Schneider Electric,"Modicon M340 Cpus: Bmxp34 (versions Prior To V3.40), Modicon M340 X80 Ethernet Communication Modules: Bmxnoe0100 (h), Bmxnoe0110 (h), Bmxnoc0401, Bmxnor0200h Rtu (all Versions), Modicon Premium Processors With Integrated Ethernet (copro): Tsxp574634, Tsxp575634, Tsxp576634 (all Versions), Modicon Quantum Processors With Integrated Ethernet (copro): 140cpu65xxxxx (all Versions), Modicon Quantum Communication Modules: 140noe771x1, 140noc78x00, 140noc77101 (all Versions), Modicon Premium Communication Modules: Tsxety4103, Tsxety5103 (all Versions)",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-02-11T17:40:33.000Z,0
CVE-2021-22787,https://securityvulnerability.io/vulnerability/CVE-2021-22787,Improper Input Validation Vulnerability in Modicon M340 and Quantum Products by Schneider Electric,"An improper input validation vulnerability in Schneider Electric's Modicon products could lead to a denial of service. This issue arises when an attacker sends a specially crafted HTTP request to the affected device’s web server, exploiting the lack of proper validation mechanisms. This vulnerability affects various models within the Modicon M340 series, Quantum processors, and other communication modules, impacting their operational stability. Users of these devices are advised to implement appropriate security measures and consider upgrading to secure versions.",Schneider Electric,"Modicon M340 Cpus: Bmxp34 (versions Prior To V3.40), Modicon M340 X80 Ethernet Communication Modules: Bmxnoe0100 (h), Bmxnoe0110 (h), Bmxnoc0401, Bmxnor0200h Rtu (all Versions), Modicon Premium Processors With Integrated Ethernet (copro): Tsxp574634, Tsxp575634, Tsxp576634 (all Versions), Modicon Quantum Processors With Integrated Ethernet (copro): 140cpu65xxxxx (all Versions), Modicon Quantum Communication Modules: 140noe771x1, 140noc78x00, 140noc77101 (all Versions), Modicon Premium Communication Modules: Tsxety4103, Tsxety5103 (all Versions)",7.5,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2022-02-11T17:40:32.000Z,0
CVE-2021-22785,https://securityvulnerability.io/vulnerability/CVE-2021-22785,Information Exposure Vulnerability in Modicon M340 and Premium Processors by Schneider Electric,"An information exposure vulnerability has been identified in Schneider Electric’s Modicon CPUs, which allows an unauthorized attacker to access sensitive data residing in the web root directory. This exposure can occur when a malicious actor sends a specially crafted HTTP request to the device's web server, enabling them to leak confidential information. Affected devices include various models of Modicon M340, Premium, and Quantum processors, highlighting the significance of timely updates and securing network environments against potential exploits.",Schneider Electric,"Modicon M340 Cpus: Bmxp34 (versions Prior To V3.40), Modicon M340 X80 Ethernet Communication Modules: Bmxnoe0100 (h), Bmxnoe0110 (h), Bmxnoc0401, Bmxnor0200h Rtu (all Versions), Modicon Premium Processors With Integrated Ethernet (copro): Tsxp574634, Tsxp575634, Tsxp576634 (all Versions), Modicon Quantum Processors With Integrated Ethernet (copro): 140cpu65xxxxx (all Versions), Modicon Quantum Communication Modules: 140noe771x1, 140noc78x00, 140noc77101 (all Versions), Modicon Premium Communication Modules: Tsxety4103, Tsxety5103 (all Versions)",7.5,HIGH,0.002199999988079071,false,,false,false,false,,,false,false,,2022-02-11T17:40:31.000Z,0
CVE-2020-7536,https://securityvulnerability.io/vulnerability/CVE-2020-7536,Improper Check for Unusual Conditions in Modicon M340 by Schneider Electric,"A vulnerability exists in Schneider Electric's Modicon M340 series, specifically impacting certain versions of the Modicon M340 CPUs and Communication Ethernet modules. This flaw arises from an improper check for unusual or exceptional conditions, which may render the device unreachable when network parameters are modified via SNMP. Affected users are advised to consult the vendor's documentation and update to the latest versions to mitigate potential risks.",Schneider Electric,"Modicon M340 Cpus (bmxp34* Versions Prior To V3.30) And Modicon M340 Communication Ethernet Modules (bmxnoe0100 (h) Versions Prior To V3.4,  Bmxnoe0110 (h) Versions Prior To V6.6, And Bmxnor0200h All Versions)",7.5,HIGH,0.0011599999852478504,false,,false,false,false,,,false,false,,2020-12-11T00:46:18.000Z,0
CVE-2015-7937,https://securityvulnerability.io/vulnerability/CVE-2015-7937,,Stack-based buffer overflow in the GoAhead Web Server on Schneider Electric Modicon M340 PLC BMXNOx and BMXPx devices allows remote attackers to execute arbitrary code via a long password in HTTP Basic Authentication data.,Schneider Electric,"Bmxp3420302,Bmxnoe0110h,Bmxpra0100,Bmxnoc0401,Bmxp342020,Bmxnor0200h,Bmxnoe0100,Bmxnor0200,Bmxp3420302h,Bmxp342020h,Bmxnoe0110,Bmxp342030,Bmxnoe0100h",,,0.16304999589920044,false,,false,false,false,,,false,false,,2015-12-21T11:00:00.000Z,0