cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-22788,https://securityvulnerability.io/vulnerability/CVE-2021-22788,Out-of-bounds Write Vulnerability in Schneider Electric Modicon Products,"An out-of-bounds write vulnerability exists in Schneider Electric's Modicon products, which can be exploited by attackers to cause denial of service. By sending specially crafted HTTP requests to the affected devices, attackers may disrupt the normal operation of the web server, potentially leading to significant service downtime. This vulnerability affects various Modicon processors and communication modules, necessitating immediate attention from users to implement corrective measures.",Schneider Electric,"Modicon M340 Cpus: Bmxp34 (versions Prior To V3.40), Modicon M340 X80 Ethernet Communication Modules: Bmxnoe0100 (h), Bmxnoe0110 (h), Bmxnoc0401, Bmxnor0200h Rtu (all Versions), Modicon Premium Processors With Integrated Ethernet (copro): Tsxp574634, Tsxp575634, Tsxp576634 (all Versions), Modicon Quantum Processors With Integrated Ethernet (copro): 140cpu65xxxxx (all Versions), Modicon Quantum Communication Modules: 140noe771x1, 140noc78x00, 140noc77101 (all Versions), Modicon Premium Communication Modules: Tsxety4103, Tsxety5103 (all Versions)",7.5,HIGH,0.0015800000401213765,false,,false,false,false,,,false,false,,2022-02-11T17:40:33.000Z,0
CVE-2021-22787,https://securityvulnerability.io/vulnerability/CVE-2021-22787,Improper Input Validation Vulnerability in Modicon M340 and Quantum Products by Schneider Electric,"An improper input validation vulnerability in Schneider Electric's Modicon products could lead to a denial of service. This issue arises when an attacker sends a specially crafted HTTP request to the affected device’s web server, exploiting the lack of proper validation mechanisms. This vulnerability affects various models within the Modicon M340 series, Quantum processors, and other communication modules, impacting their operational stability. Users of these devices are advised to implement appropriate security measures and consider upgrading to secure versions.",Schneider Electric,"Modicon M340 Cpus: Bmxp34 (versions Prior To V3.40), Modicon M340 X80 Ethernet Communication Modules: Bmxnoe0100 (h), Bmxnoe0110 (h), Bmxnoc0401, Bmxnor0200h Rtu (all Versions), Modicon Premium Processors With Integrated Ethernet (copro): Tsxp574634, Tsxp575634, Tsxp576634 (all Versions), Modicon Quantum Processors With Integrated Ethernet (copro): 140cpu65xxxxx (all Versions), Modicon Quantum Communication Modules: 140noe771x1, 140noc78x00, 140noc77101 (all Versions), Modicon Premium Communication Modules: Tsxety4103, Tsxety5103 (all Versions)",7.5,HIGH,0.0010999999940395355,false,,false,false,false,,,false,false,,2022-02-11T17:40:32.000Z,0
CVE-2021-22785,https://securityvulnerability.io/vulnerability/CVE-2021-22785,Information Exposure Vulnerability in Modicon M340 and Premium Processors by Schneider Electric,"An information exposure vulnerability has been identified in Schneider Electric’s Modicon CPUs, which allows an unauthorized attacker to access sensitive data residing in the web root directory. This exposure can occur when a malicious actor sends a specially crafted HTTP request to the device's web server, enabling them to leak confidential information. Affected devices include various models of Modicon M340, Premium, and Quantum processors, highlighting the significance of timely updates and securing network environments against potential exploits.",Schneider Electric,"Modicon M340 Cpus: Bmxp34 (versions Prior To V3.40), Modicon M340 X80 Ethernet Communication Modules: Bmxnoe0100 (h), Bmxnoe0110 (h), Bmxnoc0401, Bmxnor0200h Rtu (all Versions), Modicon Premium Processors With Integrated Ethernet (copro): Tsxp574634, Tsxp575634, Tsxp576634 (all Versions), Modicon Quantum Processors With Integrated Ethernet (copro): 140cpu65xxxxx (all Versions), Modicon Quantum Communication Modules: 140noe771x1, 140noc78x00, 140noc77101 (all Versions), Modicon Premium Communication Modules: Tsxety4103, Tsxety5103 (all Versions)",7.5,HIGH,0.002199999988079071,false,,false,false,false,,,false,false,,2022-02-11T17:40:31.000Z,0
CVE-2020-7534,https://securityvulnerability.io/vulnerability/CVE-2020-7534,Cross-Site Request Forgery Vulnerability in Modicon CPUs by Schneider Electric,"A Cross-Site Request Forgery (CSRF) vulnerability has been identified in Schneider Electric's Modicon CPUs, which could potentially allow attackers to execute unauthorized actions and expose sensitive information while a user is logged into the web server. This vulnerability affects various models including Modicon M340, Quantum, and Premium CPUs with integrated Ethernet, as well as specific ethernet modules and communication modules. Proper safeguards should be implemented to mitigate the risks associated with this vulnerability.",Schneider Electric,"Modicon M340 Cpus: Bmxp34 (all Versions), Modicon Quantum Cpus With Integrated Ethernet (copro): 140cpu65 (all Versions), Modicon Premium Cpus With Integrated Ethernet (copro): Tsxp57 (all Versions), Modicon M340 Ethernet Modules: (bmxnoc0401, Bmxnoe01, Bmxnor0200h) (all Versions), Modicon Quantum And Premium Factory Cast Communication Modules: (140noe77111, 140noc78*00, Tsxety5103, Tsxety4103)",8.8,HIGH,0.0007300000288523734,false,,false,false,false,,,false,false,,2022-02-04T22:29:36.000Z,0
CVE-2022-22724,https://securityvulnerability.io/vulnerability/CVE-2022-22724,Uncontrolled Resource Consumption Vulnerability in Modicon M340 CPUs by Schneider Electric,"An uncontrolled resource consumption vulnerability allows an attacker to launch a denial of service (DoS) attack on Modicon M340 CPUs. By sending a large volume of TCP RST or FIN packets to open TCP ports, particularly on ports 80 (HTTP) and 502 (Modbus), an attacker can overwhelm the CPU's resources, potentially disrupting its availability and functionality.",Schneider Electric,Modicon M340 Cpus: Bmxp34 (all Versions),7.5,HIGH,0.0010300000431016088,false,,false,false,false,,,false,false,,2022-02-04T22:29:36.000Z,0
CVE-2020-7536,https://securityvulnerability.io/vulnerability/CVE-2020-7536,Improper Check for Unusual Conditions in Modicon M340 by Schneider Electric,"A vulnerability exists in Schneider Electric's Modicon M340 series, specifically impacting certain versions of the Modicon M340 CPUs and Communication Ethernet modules. This flaw arises from an improper check for unusual or exceptional conditions, which may render the device unreachable when network parameters are modified via SNMP. Affected users are advised to consult the vendor's documentation and update to the latest versions to mitigate potential risks.",Schneider Electric,"Modicon M340 Cpus (bmxp34* Versions Prior To V3.30) And Modicon M340 Communication Ethernet Modules (bmxnoe0100 (h) Versions Prior To V3.4,  Bmxnoe0110 (h) Versions Prior To V6.6, And Bmxnor0200h All Versions)",7.5,HIGH,0.0011599999852478504,false,,false,false,false,,,false,false,,2020-12-11T00:46:18.000Z,0